| Risk | Critical |
| Patch available | YES |
| Number of vulnerabilities | 783 |
| CVE-ID | CVE-2021-47432 CVE-2022-48772 CVE-2023-0160 CVE-2023-38417 CVE-2023-47210 CVE-2023-51780 CVE-2023-52435 CVE-2023-52458 CVE-2023-52472 CVE-2023-52503 CVE-2023-52616 CVE-2023-52618 CVE-2023-52622 CVE-2023-52631 CVE-2023-52635 CVE-2023-52640 CVE-2023-52641 CVE-2023-52645 CVE-2023-52652 CVE-2023-52653 CVE-2023-52656 CVE-2023-52657 CVE-2023-52658 CVE-2023-52659 CVE-2023-52660 CVE-2023-52661 CVE-2023-52662 CVE-2023-52663 CVE-2023-52664 CVE-2023-52667 CVE-2023-52669 CVE-2023-52670 CVE-2023-52671 CVE-2023-52672 CVE-2023-52673 CVE-2023-52674 CVE-2023-52675 CVE-2023-52676 CVE-2023-52678 CVE-2023-52679 CVE-2023-52680 CVE-2023-52681 CVE-2023-52683 CVE-2023-52685 CVE-2023-52686 CVE-2023-52687 CVE-2023-52690 CVE-2023-52691 CVE-2023-52692 CVE-2023-52693 CVE-2023-52694 CVE-2023-52695 CVE-2023-52696 CVE-2023-52697 CVE-2023-52698 CVE-2023-52699 CVE-2023-52735 CVE-2023-52749 CVE-2023-52750 CVE-2023-52751 CVE-2023-52753 CVE-2023-52754 CVE-2023-52757 CVE-2023-52759 CVE-2023-52762 CVE-2023-52763 CVE-2023-52764 CVE-2023-52765 CVE-2023-52766 CVE-2023-52767 CVE-2023-52768 CVE-2023-52769 CVE-2023-52771 CVE-2023-52772 CVE-2023-52773 CVE-2023-52774 CVE-2023-52775 CVE-2023-52776 CVE-2023-52777 CVE-2023-52780 CVE-2023-52781 CVE-2023-52782 CVE-2023-52783 CVE-2023-52784 CVE-2023-52786 CVE-2023-52787 CVE-2023-52788 CVE-2023-52789 CVE-2023-52791 CVE-2023-52792 CVE-2023-52794 CVE-2023-52795 CVE-2023-52796 CVE-2023-52798 CVE-2023-52799 CVE-2023-52800 CVE-2023-52801 CVE-2023-52803 CVE-2023-52804 CVE-2023-52805 CVE-2023-52806 CVE-2023-52807 CVE-2023-52808 CVE-2023-52809 CVE-2023-52810 CVE-2023-52811 CVE-2023-52812 CVE-2023-52813 CVE-2023-52814 CVE-2023-52815 CVE-2023-52816 CVE-2023-52817 CVE-2023-52818 CVE-2023-52819 CVE-2023-52821 CVE-2023-52825 CVE-2023-52826 CVE-2023-52827 CVE-2023-52829 CVE-2023-52832 CVE-2023-52833 CVE-2023-52834 CVE-2023-52835 CVE-2023-52836 CVE-2023-52837 CVE-2023-52838 CVE-2023-52840 CVE-2023-52841 CVE-2023-52842 CVE-2023-52843 CVE-2023-52844 CVE-2023-52845 CVE-2023-52847 CVE-2023-52849 CVE-2023-52850 CVE-2023-52851 CVE-2023-52853 CVE-2023-52854 CVE-2023-52855 CVE-2023-52856 CVE-2023-52857 CVE-2023-52858 CVE-2023-52860 CVE-2023-52861 CVE-2023-52862 CVE-2023-52863 CVE-2023-52864 CVE-2023-52865 CVE-2023-52866 CVE-2023-52867 CVE-2023-52868 CVE-2023-52869 CVE-2023-52870 CVE-2023-52871 CVE-2023-52872 CVE-2023-52873 CVE-2023-52874 CVE-2023-52875 CVE-2023-52876 CVE-2023-52877 CVE-2023-52878 CVE-2023-52879 CVE-2023-52880 CVE-2023-52881 CVE-2023-52882 CVE-2023-52883 CVE-2023-52884 CVE-2023-6238 CVE-2023-7042 CVE-2024-0639 CVE-2024-21823 CVE-2024-22099 CVE-2024-23848 CVE-2024-24861 CVE-2024-25739 CVE-2024-25741 CVE-2024-26601 CVE-2024-26611 CVE-2024-26614 CVE-2024-26615 CVE-2024-26623 CVE-2024-26625 CVE-2024-26632 CVE-2024-26633 CVE-2024-26635 CVE-2024-26636 CVE-2024-26638 CVE-2024-26641 CVE-2024-26642 CVE-2024-26643 CVE-2024-26650 CVE-2024-26652 CVE-2024-26654 CVE-2024-26656 CVE-2024-26657 CVE-2024-26663 CVE-2024-26665 CVE-2024-26671 CVE-2024-26673 CVE-2024-26674 CVE-2024-26676 CVE-2024-26679 CVE-2024-26684 CVE-2024-26685 CVE-2024-26691 CVE-2024-26704 CVE-2024-26714 CVE-2024-26726 CVE-2024-26731 CVE-2024-26733 CVE-2024-26734 CVE-2024-26737 CVE-2024-26739 CVE-2024-26740 CVE-2024-26742 CVE-2024-26750 CVE-2024-26756 CVE-2024-26758 CVE-2024-26760 CVE-2024-26761 CVE-2024-26764 CVE-2024-26767 CVE-2024-26769 CVE-2024-26772 CVE-2024-26773 CVE-2024-26774 CVE-2024-26775 CVE-2024-26780 CVE-2024-26783 CVE-2024-26785 CVE-2024-26786 CVE-2024-26791 CVE-2024-26793 CVE-2024-26794 CVE-2024-26802 CVE-2024-26805 CVE-2024-26807 CVE-2024-26813 CVE-2024-26814 CVE-2024-26815 CVE-2024-26816 CVE-2024-26822 CVE-2024-26826 CVE-2024-26832 CVE-2024-26836 CVE-2024-26842 CVE-2024-26844 CVE-2024-26845 CVE-2024-26846 CVE-2024-26853 CVE-2024-26854 CVE-2024-26855 CVE-2024-26856 CVE-2024-26857 CVE-2024-26858 CVE-2024-26860 CVE-2024-26861 CVE-2024-26862 CVE-2024-26863 CVE-2024-26866 CVE-2024-26868 CVE-2024-26870 CVE-2024-26878 CVE-2024-26881 CVE-2024-26882 CVE-2024-26883 CVE-2024-26884 CVE-2024-26885 CVE-2024-26889 CVE-2024-26899 CVE-2024-26900 CVE-2024-26901 CVE-2024-26903 CVE-2024-26906 CVE-2024-26909 CVE-2024-26920 CVE-2024-26921 CVE-2024-26922 CVE-2024-26923 CVE-2024-26925 CVE-2024-26928 CVE-2024-26932 CVE-2024-26933 CVE-2024-26934 CVE-2024-26935 CVE-2024-26937 CVE-2024-26938 CVE-2024-26940 CVE-2024-26943 CVE-2024-26944 CVE-2024-26945 CVE-2024-26946 CVE-2024-26948 CVE-2024-26949 CVE-2024-26950 CVE-2024-26951 CVE-2024-26957 CVE-2024-26958 CVE-2024-26960 CVE-2024-26961 CVE-2024-26962 CVE-2024-26963 CVE-2024-26964 CVE-2024-26972 CVE-2024-26973 CVE-2024-26978 CVE-2024-26981 CVE-2024-26982 CVE-2024-26983 CVE-2024-26984 CVE-2024-26986 CVE-2024-26988 CVE-2024-26989 CVE-2024-26990 CVE-2024-26991 CVE-2024-26992 CVE-2024-26993 CVE-2024-26994 CVE-2024-26995 CVE-2024-26996 CVE-2024-26997 CVE-2024-26999 CVE-2024-27000 CVE-2024-27001 CVE-2024-27002 CVE-2024-27003 CVE-2024-27004 CVE-2024-27008 CVE-2024-27012 CVE-2024-27013 CVE-2024-27014 CVE-2024-27015 CVE-2024-27016 CVE-2024-27019 CVE-2024-27020 CVE-2024-27022 CVE-2024-27025 CVE-2024-27027 CVE-2024-27028 CVE-2024-27030 CVE-2024-27031 CVE-2024-27046 CVE-2024-27056 CVE-2024-27057 CVE-2024-27062 CVE-2024-27064 CVE-2024-27065 CVE-2024-27067 CVE-2024-27080 CVE-2024-27388 CVE-2024-27389 CVE-2024-27393 CVE-2024-27395 CVE-2024-27396 CVE-2024-27399 CVE-2024-27400 CVE-2024-27401 CVE-2024-27402 CVE-2024-27404 CVE-2024-27405 CVE-2024-27408 CVE-2024-27410 CVE-2024-27411 CVE-2024-27412 CVE-2024-27413 CVE-2024-27414 CVE-2024-27416 CVE-2024-27417 CVE-2024-27418 CVE-2024-27419 CVE-2024-27431 CVE-2024-27432 CVE-2024-27434 CVE-2024-27435 CVE-2024-27436 CVE-2024-33619 CVE-2024-34777 CVE-2024-35247 CVE-2024-35784 CVE-2024-35786 CVE-2024-35788 CVE-2024-35789 CVE-2024-35790 CVE-2024-35791 CVE-2024-35794 CVE-2024-35795 CVE-2024-35796 CVE-2024-35799 CVE-2024-35800 CVE-2024-35801 CVE-2024-35803 CVE-2024-35804 CVE-2024-35805 CVE-2024-35806 CVE-2024-35807 CVE-2024-35808 CVE-2024-35809 CVE-2024-35810 CVE-2024-35811 CVE-2024-35812 CVE-2024-35813 CVE-2024-35814 CVE-2024-35815 CVE-2024-35817 CVE-2024-35819 CVE-2024-35821 CVE-2024-35822 CVE-2024-35823 CVE-2024-35824 CVE-2024-35825 CVE-2024-35827 CVE-2024-35828 CVE-2024-35829 CVE-2024-35830 CVE-2024-35831 CVE-2024-35833 CVE-2024-35834 CVE-2024-35835 CVE-2024-35836 CVE-2024-35837 CVE-2024-35838 CVE-2024-35841 CVE-2024-35842 CVE-2024-35843 CVE-2024-35845 CVE-2024-35847 CVE-2024-35848 CVE-2024-35849 CVE-2024-35850 CVE-2024-35851 CVE-2024-35852 CVE-2024-35853 CVE-2024-35854 CVE-2024-35857 CVE-2024-35860 CVE-2024-35861 CVE-2024-35862 CVE-2024-35863 CVE-2024-35864 CVE-2024-35865 CVE-2024-35866 CVE-2024-35867 CVE-2024-35868 CVE-2024-35872 CVE-2024-35875 CVE-2024-35877 CVE-2024-35878 CVE-2024-35879 CVE-2024-35880 CVE-2024-35883 CVE-2024-35884 CVE-2024-35885 CVE-2024-35886 CVE-2024-35887 CVE-2024-35889 CVE-2024-35890 CVE-2024-35891 CVE-2024-35892 CVE-2024-35893 CVE-2024-35895 CVE-2024-35896 CVE-2024-35898 CVE-2024-35899 CVE-2024-35900 CVE-2024-35901 CVE-2024-35903 CVE-2024-35904 CVE-2024-35905 CVE-2024-35907 CVE-2024-35908 CVE-2024-35909 CVE-2024-35911 CVE-2024-35912 CVE-2024-35914 CVE-2024-35915 CVE-2024-35916 CVE-2024-35917 CVE-2024-35921 CVE-2024-35922 CVE-2024-35924 CVE-2024-35925 CVE-2024-35926 CVE-2024-35927 CVE-2024-35928 CVE-2024-35930 CVE-2024-35931 CVE-2024-35932 CVE-2024-35933 CVE-2024-35934 CVE-2024-35935 CVE-2024-35936 CVE-2024-35937 CVE-2024-35938 CVE-2024-35940 CVE-2024-35942 CVE-2024-35943 CVE-2024-35944 CVE-2024-35945 CVE-2024-35946 CVE-2024-35947 CVE-2024-35950 CVE-2024-35951 CVE-2024-35952 CVE-2024-35953 CVE-2024-35954 CVE-2024-35955 CVE-2024-35956 CVE-2024-35957 CVE-2024-35958 CVE-2024-35959 CVE-2024-35960 CVE-2024-35961 CVE-2024-35962 CVE-2024-35963 CVE-2024-35964 CVE-2024-35965 CVE-2024-35966 CVE-2024-35967 CVE-2024-35969 CVE-2024-35970 CVE-2024-35971 CVE-2024-35972 CVE-2024-35973 CVE-2024-35974 CVE-2024-35975 CVE-2024-35976 CVE-2024-35977 CVE-2024-35978 CVE-2024-35979 CVE-2024-35981 CVE-2024-35982 CVE-2024-35984 CVE-2024-35986 CVE-2024-35989 CVE-2024-35990 CVE-2024-35991 CVE-2024-35992 CVE-2024-35995 CVE-2024-35997 CVE-2024-35998 CVE-2024-35999 CVE-2024-36002 CVE-2024-36003 CVE-2024-36004 CVE-2024-36005 CVE-2024-36006 CVE-2024-36007 CVE-2024-36008 CVE-2024-36009 CVE-2024-36010 CVE-2024-36011 CVE-2024-36012 CVE-2024-36013 CVE-2024-36014 CVE-2024-36015 CVE-2024-36016 CVE-2024-36017 CVE-2024-36018 CVE-2024-36019 CVE-2024-36020 CVE-2024-36021 CVE-2024-36024 CVE-2024-36025 CVE-2024-36026 CVE-2024-36029 CVE-2024-36030 CVE-2024-36032 CVE-2024-36281 CVE-2024-36477 CVE-2024-36478 CVE-2024-36479 CVE-2024-36880 CVE-2024-36882 CVE-2024-36885 CVE-2024-36887 CVE-2024-36889 CVE-2024-36890 CVE-2024-36891 CVE-2024-36893 CVE-2024-36894 CVE-2024-36895 CVE-2024-36896 CVE-2024-36897 CVE-2024-36898 CVE-2024-36899 CVE-2024-36900 CVE-2024-36901 CVE-2024-36902 CVE-2024-36903 CVE-2024-36904 CVE-2024-36906 CVE-2024-36909 CVE-2024-36910 CVE-2024-36911 CVE-2024-36912 CVE-2024-36913 CVE-2024-36914 CVE-2024-36915 CVE-2024-36916 CVE-2024-36917 CVE-2024-36918 CVE-2024-36919 CVE-2024-36921 CVE-2024-36922 CVE-2024-36923 CVE-2024-36924 CVE-2024-36926 CVE-2024-36928 CVE-2024-36930 CVE-2024-36931 CVE-2024-36934 CVE-2024-36935 CVE-2024-36936 CVE-2024-36937 CVE-2024-36938 CVE-2024-36940 CVE-2024-36942 CVE-2024-36944 CVE-2024-36945 CVE-2024-36946 CVE-2024-36947 CVE-2024-36949 CVE-2024-36950 CVE-2024-36951 CVE-2024-36952 CVE-2024-36955 CVE-2024-36957 CVE-2024-36959 CVE-2024-36960 CVE-2024-36962 CVE-2024-36964 CVE-2024-36965 CVE-2024-36967 CVE-2024-36969 CVE-2024-36971 CVE-2024-36972 CVE-2024-36973 CVE-2024-36975 CVE-2024-36977 CVE-2024-36978 CVE-2024-37021 CVE-2024-37078 CVE-2024-37353 CVE-2024-37354 CVE-2024-38381 CVE-2024-38384 CVE-2024-38385 CVE-2024-38388 CVE-2024-38390 CVE-2024-38391 CVE-2024-38539 CVE-2024-38540 CVE-2024-38541 CVE-2024-38543 CVE-2024-38544 CVE-2024-38546 CVE-2024-38547 CVE-2024-38548 CVE-2024-38549 CVE-2024-38550 CVE-2024-38551 CVE-2024-38552 CVE-2024-38553 CVE-2024-38554 CVE-2024-38555 CVE-2024-38556 CVE-2024-38557 CVE-2024-38558 CVE-2024-38562 CVE-2024-38564 CVE-2024-38565 CVE-2024-38566 CVE-2024-38567 CVE-2024-38568 CVE-2024-38569 CVE-2024-38570 CVE-2024-38571 CVE-2024-38572 CVE-2024-38573 CVE-2024-38575 CVE-2024-38578 CVE-2024-38579 CVE-2024-38580 CVE-2024-38581 CVE-2024-38582 CVE-2024-38583 CVE-2024-38586 CVE-2024-38587 CVE-2024-38588 CVE-2024-38590 CVE-2024-38591 CVE-2024-38592 CVE-2024-38594 CVE-2024-38595 CVE-2024-38597 CVE-2024-38598 CVE-2024-38599 CVE-2024-38600 CVE-2024-38601 CVE-2024-38602 CVE-2024-38603 CVE-2024-38604 CVE-2024-38605 CVE-2024-38608 CVE-2024-38610 CVE-2024-38611 CVE-2024-38615 CVE-2024-38616 CVE-2024-38617 CVE-2024-38618 CVE-2024-38619 CVE-2024-38621 CVE-2024-38622 CVE-2024-38627 CVE-2024-38628 CVE-2024-38629 CVE-2024-38630 CVE-2024-38633 CVE-2024-38634 CVE-2024-38635 CVE-2024-38636 CVE-2024-38659 CVE-2024-38661 CVE-2024-38663 CVE-2024-38664 CVE-2024-38780 CVE-2024-39276 CVE-2024-39277 CVE-2024-39291 CVE-2024-39296 CVE-2024-39301 CVE-2024-39362 CVE-2024-39371 CVE-2024-39463 CVE-2024-39466 CVE-2024-39468 CVE-2024-39469 CVE-2024-39471 CVE-2024-39472 CVE-2024-39473 CVE-2024-39474 CVE-2024-39475 CVE-2024-39479 CVE-2024-39481 CVE-2024-39482 CVE-2024-39487 CVE-2024-39490 CVE-2024-39494 CVE-2024-39496 CVE-2024-39498 CVE-2024-39502 CVE-2024-39504 CVE-2024-39507 CVE-2024-40901 CVE-2024-40906 CVE-2024-40908 CVE-2024-40919 CVE-2024-40923 CVE-2024-40925 CVE-2024-40928 CVE-2024-40931 CVE-2024-40935 CVE-2024-40937 CVE-2024-40940 CVE-2024-40947 CVE-2024-40948 CVE-2024-40953 CVE-2024-40960 CVE-2024-40961 CVE-2024-40966 CVE-2024-40970 CVE-2024-40972 CVE-2024-40975 CVE-2024-40979 CVE-2024-40998 CVE-2024-40999 CVE-2024-41006 CVE-2024-41011 CVE-2024-41013 CVE-2024-41014 CVE-2024-41017 CVE-2024-41090 CVE-2024-41091 |
| CWE-ID | CWE-190 CWE-476 CWE-667 CWE-20 CWE-362 CWE-119 CWE-416 CWE-665 CWE-125 CWE-200 CWE-401 CWE-477 CWE-388 CWE-415 CWE-191 CWE-908 CWE-399 CWE-617 CWE-682 CWE-264 CWE-451 CWE-120 CWE-502 CWE-754 CWE-824 CWE-284 CWE-833 CWE-835 CWE-369 CWE-404 CWE-366 CWE-193 CWE-787 CWE-252 CWE-269 |
| Exploitation vector | Network |
| Public exploit | Vulnerability #635 is being exploited in the wild. |
| Vulnerable software |
SUSE Real Time Module Operating systems & Components / Operating system SUSE Linux Enterprise Live Patching Operating systems & Components / Operating system SUSE Linux Enterprise Real Time 15 Operating systems & Components / Operating system openSUSE Leap Operating systems & Components / Operating system SUSE Linux Enterprise Server for SAP Applications 15 Operating systems & Components / Operating system SUSE Linux Enterprise Server 15 Operating systems & Components / Operating system kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo Operating systems & Components / Operating system package or component kernel-livepatch-6_4_0-150600_10_5-rt Operating systems & Components / Operating system package or component kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource Operating systems & Components / Operating system package or component kernel-rt Operating systems & Components / Operating system package or component kernel-rt_debug Operating systems & Components / Operating system package or component kernel-source-rt Operating systems & Components / Operating system package or component kernel-devel-rt Operating systems & Components / Operating system package or component ocfs2-kmp-rt-debuginfo Operating systems & Components / Operating system package or component kernel-rt-optional Operating systems & Components / Operating system package or component kernel-syms-rt Operating systems & Components / Operating system package or component kernel-rt-debugsource Operating systems & Components / Operating system package or component dlm-kmp-rt-debuginfo Operating systems & Components / Operating system package or component kernel-rt-extra Operating systems & Components / Operating system package or component dlm-kmp-rt Operating systems & Components / Operating system package or component kernel-rt-optional-debuginfo Operating systems & Components / Operating system package or component kernel-rt-livepatch-devel Operating systems & Components / Operating system package or component kernel-rt_debug-vdso-debuginfo Operating systems & Components / Operating system package or component kernel-rt_debug-debuginfo Operating systems & Components / Operating system package or component kselftests-kmp-rt Operating systems & Components / Operating system package or component ocfs2-kmp-rt Operating systems & Components / Operating system package or component kernel-rt_debug-devel-debuginfo Operating systems & Components / Operating system package or component kernel-rt-vdso-debuginfo Operating systems & Components / Operating system package or component kernel-rt-devel Operating systems & Components / Operating system package or component gfs2-kmp-rt-debuginfo Operating systems & Components / Operating system package or component kernel-rt-devel-debuginfo Operating systems & Components / Operating system package or component kernel-rt-vdso Operating systems & Components / Operating system package or component kernel-rt_debug-vdso Operating systems & Components / Operating system package or component kselftests-kmp-rt-debuginfo Operating systems & Components / Operating system package or component cluster-md-kmp-rt-debuginfo Operating systems & Components / Operating system package or component kernel-rt_debug-debugsource Operating systems & Components / Operating system package or component reiserfs-kmp-rt-debuginfo Operating systems & Components / Operating system package or component kernel-rt_debug-devel Operating systems & Components / Operating system package or component cluster-md-kmp-rt Operating systems & Components / Operating system package or component reiserfs-kmp-rt Operating systems & Components / Operating system package or component kernel-rt_debug-livepatch-devel Operating systems & Components / Operating system package or component kernel-rt-debuginfo Operating systems & Components / Operating system package or component gfs2-kmp-rt Operating systems & Components / Operating system package or component kernel-rt-extra-debuginfo Operating systems & Components / Operating system package or component |
| Vendor | SUSE |
Security Bulletin
This security bulletin contains information about 783 vulnerabilities.
EUVDB-ID: #VU91179
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47432
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the __genradix_iter_peek() function in lib/generic-radix-tree.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93327
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48772
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the lgdt3306a_probe() function in drivers/media/dvb-frontends/lgdt3306a.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90810
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-0160
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __sock_map_delete() and sock_hash_delete_elem() functions in net/core/sock_map.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96264
Risk: Medium
CVSSv4.0: 4.9 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-38417
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker on the local network can send specially crafted packets to the system and perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96262
Risk: Medium
CVSSv4.0: 4.9 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-47210
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker on the local network can send specially crafted packets to the system and perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU85024
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-51780
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition in the ATM (Asynchronous Transfer Mode) subsystem in Linux kernel. A local user can exploit the race and escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU87748
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52435
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error within the skb_segment() function. A local user can trigger memory corruption and crash the kernel.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90657
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52458
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the blkpg_do_ioctl() function in block/ioctl.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91244
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52472
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the rsa_check_exponent_fips() function in crypto/rsa.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90234
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52503
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the destroy_session(), amdtee_open_session() and amdtee_close_session() functions in drivers/tee/amdtee/core.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91556
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52616
CWE-ID:
CWE-665 - Improper Initialization
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper initialization within the mpi_ec_init() function in lib/mpi/ec.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93617
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52618
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the rnbd_srv_get_full_path() function in drivers/block/rnbd/rnbd-srv.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93471
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52622
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the alloc_flex_gd() and ext4_setup_next_flex_gd() functions in fs/ext4/resize.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91240
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52631
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the fs/ntfs3/ntfs_fs.h. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92045
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52635
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the devfreq_monitor(), devfreq_monitor_start() and devfreq_monitor_stop() functions in drivers/devfreq/devfreq.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90331
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52640
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ntfs_list_ea() function in fs/ntfs3/xattr.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90592
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52641
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ni_find_attr() and run_truncate_around() functions in fs/ntfs3/attrib.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91477
Risk: Low
CVSSv4.0: 1.9 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52645
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a race condition within the scpsys_add_subdomain() and scpsys_remove_one_domain() functions in drivers/soc/mediatek/mtk-pm-domains.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91353
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52652
CWE-ID:
CWE-200 - Exposure of sensitive information to an unauthorized actor
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the pci_vntb_probe() function in drivers/pci/endpoint/functions/pci-epf-vntb.c, within the EXPORT_SYMBOL() and ntb_register_device() functions in drivers/ntb/core.c. A local user can gain access to sensitive information.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90459
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52653
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the gss_import_v2_context() function in net/sunrpc/auth_gss/gss_krb5_mech.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93856
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52656
CWE-ID:
CWE-477 - Use of Obsolete Function
Exploit availability: No
DescriptionThe vulnerability allows a local user to have negative impact on system performance.
The vulnerability exists due to usage of dead code related to SCM_RIGHTS within the io_allocate_scq_urings(), io_ring_ctx_free(), and io_cqring_wait() function in fs/io_uring.c. A local user can influence system performance.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92943
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52657
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the si_dpm_enable() and si_dpm_process_interrupt() functions in drivers/gpu/drm/amd/pm/legacy-dpm/si_dpm.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93683
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52658
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the esw_inline_mode_to_devlink() and mlx5_devlink_eswitch_mode_set() functions in drivers/net/ethernet/mellanox/mlx5/core/eswitch_offloads.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93682
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52659
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the arch/x86/include/asm/page.h. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92057
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52660
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the rkisp1_isp_isr() function in drivers/media/platform/rockchip/rkisp1/rkisp1-isp.c, within the rkisp1_runtime_suspend() and rkisp1_runtime_resume() functions in drivers/media/platform/rockchip/rkisp1/rkisp1-dev.c, within the rkisp1_csi_isr() function in drivers/media/platform/rockchip/rkisp1/rkisp1-csi.c, within the rkisp1_capture_isr() function in drivers/media/platform/rockchip/rkisp1/rkisp1-capture.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90948
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52661
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the tegra_dc_rgb_probe() function in drivers/gpu/drm/tegra/rgb.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90444
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52662
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the vmw_gmrid_man_get_node() function in drivers/gpu/drm/vmwgfx/vmwgfx_gmrid_manager.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89987
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52663
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the amd_sof_acp_probe() function in sound/soc/sof/amd/acp.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90893
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52664
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the aq_vec_ring_alloc() function in drivers/net/ethernet/aquantia/atlantic/aq_vec.c, within the aq_get_rxpages(), aq_ring_alloc(), aq_ring_rx_alloc() and aq_ring_hwts_rx_alloc() functions in drivers/net/ethernet/aquantia/atlantic/aq_ring.c, within the aq_ptp_ring_alloc() function in drivers/net/ethernet/aquantia/atlantic/aq_ptp.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90922
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52667
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the fs_any_create_groups() function in drivers/net/ethernet/mellanox/mlx5/core/en/fs_tt_redirect.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91423
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52669
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ctr_paes_crypt() function in arch/s390/crypto/paes_s390.c, within the ctr_aes_crypt() function in arch/s390/crypto/aes_s390.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89988
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52670
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the virtio_rpmsg_release_device() function in drivers/rpmsg/virtio_rpmsg_bus.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91668
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52671
CWE-ID:
CWE-191 - Integer underflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the optc32_disable_crtc() function in drivers/gpu/drm/amd/display/dc/dcn32/dcn32_optc.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92024
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52672
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the pipe_resize_ring() and pipe_set_size() functions in fs/pipe.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90552
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52673
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the capabilities_show() function in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91392
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52674
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the scarlett2_mixer_ctl_put() function in sound/usb/mixer_scarlett_gen2.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90547
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52675
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the update_events_in_group() function in arch/powerpc/perf/imc-pmu.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93061
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52676
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the check_ptr_to_map_access() and check_stack_access_within_bounds() functions in kernel/bpf/verifier.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93452
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52678
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the kfd_create_indirect_link_prop() and kfd_add_peer_prop() functions in drivers/gpu/drm/amd/amdkfd/kfd_topology.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90892
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52679
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the of_unittest_parse_phandle_with_args() and of_unittest_parse_phandle_with_args_map() functions in drivers/of/unittest.c, within the of_parse_phandle_with_args_map() function in drivers/of/base.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93618
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52680
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the scarlett2_sync_ctl_get(), scarlett2_master_volume_ctl_get(), scarlett2_volume_ctl_get(), scarlett2_mute_ctl_get(), scarlett2_level_enum_ctl_get(), scarlett2_pad_ctl_get(), scarlett2_air_ctl_get(), scarlett2_phantom_ctl_get(), scarlett2_direct_monitor_ctl_get(), scarlett2_speaker_switch_enum_ctl_get(), scarlett2_talkback_enum_ctl_get(), scarlett2_dim_mute_ctl_get() and scarlett2_mux_src_enum_ctl_get() functions in sound/usb/mixer_scarlett_gen2.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93768
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52681
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the efivarfs_init_fs_context() function in fs/efivarfs/super.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91424
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52683
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the lpit_update_residency() function in drivers/acpi/acpi_lpit.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91437
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52685
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the persistent_ram_init_ecc() function in fs/pstore/ram_core.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90548
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52686
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the opal_event_init() function in arch/powerpc/platforms/powernv/opal-irqchip.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90945
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52687
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the safexcel_send_req() function in drivers/crypto/inside-secure/safexcel_cipher.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89981
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52690
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the scom_debug_init_one() function in arch/powerpc/platforms/powernv/opal-xscom.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90921
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52691
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the si_dpm_init() function in drivers/gpu/drm/amd/amdgpu/si_dpm.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93619
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52692
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the scarlett2_usb_set_config() function in sound/usb/mixer_scarlett_gen2.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91678
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52693
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the acpi_video_dev_register_backlight() function in drivers/acpi/acpi_video.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91606
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52694
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources within the tpd12s015_probe() function in drivers/gpu/drm/bridge/ti-tpd12s015.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90549
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52695
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the create_validate_stream_for_sink() and dm_update_crtc_state() functions in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90550
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52696
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the opal_powercap_init() function in arch/powerpc/platforms/powernv/opal-powercap.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94127
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52697
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the sof_sdw_rt_sdca_jack_exit() function in sound/soc/intel/boards/sof_sdw_rt_sdca_jack_common.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89982
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52698
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the netlbl_calipso_ops_register(), netlbl_calipso_add_pass() and netlbl_calipso_genl_init() functions in net/netlabel/netlabel_calipso.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90751
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52699
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the block_end(), get_branch(), get_block() and find_shared() functions in fs/sysv/itree.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91621
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52735
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the sock_map_unhash(), sock_map_destroy() and sock_map_close() functions in net/core/sock_map.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90534
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52749
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the spi_unregister_controller(), __spi_transfer_message_noqueue() and __spi_sync() functions in drivers/spi/spi.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90935
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52750
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the arch/arm64/Kconfig. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90063
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52751
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the find_or_create_cached_dir(), spin_unlock() and open_cached_dir() functions in fs/smb/client/cached_dir.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91226
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52753
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dc_stream_get_vblank_counter() and dc_stream_get_scanoutpos() functions in drivers/gpu/drm/amd/display/dc/core/dc_stream.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90854
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52754
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the imon_probe() function in drivers/media/rc/imon.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90069
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52757
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the alloc_mid() function in fs/smb/client/transport.c, within the __smb2_handle_cancelled_cmd() function in fs/smb/client/smb2misc.c, within the cifs_compose_mount_options(), __release_mid() and cifs_get_tcon_super() functions in fs/smb/client/cifsproto.h. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90905
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52759
CWE-ID:
CWE-617 - Reachable Assertion
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the qd_check_sync() function in fs/gfs2/quota.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93622
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52762
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the virtblk_probe() function in drivers/block/virtio_blk.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93590
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52763
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the hci_dat_v1_init(), hci_dat_v1_cleanup() and hci_dat_v1_free_entry() functions in drivers/i3c/master/mipi-i3c-hci/dat_v1.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90278
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52764
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the set_flicker() function in drivers/media/usb/gspca/cpia1.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90838
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52765
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the DEFINE_MUTEX(), qcom_pmic_get_base_usid(), qcom_pmic_get() and pmic_spmi_probe() functions in drivers/mfd/qcom-spmi-pmic.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91086
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52766
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the hci_dma_irq_handler() function in drivers/i3c/master/mipi-i3c-hci/dma.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93261
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52767
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the tls_sw_splice_eof() function in net/tls/tls_sw.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89837
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52768
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to a boundary condition within the wilc_wlan_init() function in drivers/net/wireless/microchip/wilc1000/wlan.c. A local user can trigger an out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90070
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52769
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ath12k_htt_mlo_offset_event_handler() function in drivers/net/wireless/ath/ath12k/dp_rx.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90066
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52771
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the grandparent() function in drivers/cxl/core/port.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90073
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52772
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the unix_stream_recv_urg() function in net/unix/af_unix.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90418
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52773
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the amdgpu_dm_i2c_xfer() function in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91504
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52774
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the dasd_profile_start() function in drivers/s390/block/dasd.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93425
Risk: Medium
CVSSv4.0: 2.1 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-52775
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error within the smcr_clnt_conf_first_link() function in net/smc/af_smc.c when handling SMC DECLINE messages. A remote attacker can send specially crafted SMC DECLINE message to the system, trigger memory corruption and perform a denial of service (DoS) attack.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90074
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52776
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ath12k_wmi_pdev_dfs_radar_detected_event() and ath12k_wmi_pdev_temperature_event() functions in drivers/net/wireless/ath/ath12k/wmi.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90072
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52777
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ath11k_wmi_gtk_offload_status_event() function in drivers/net/wireless/ath/ath11k/wmi.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90416
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52780
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mvneta_ethtool_get_strings(), mvneta_ethtool_pp_stats() and mvneta_ethtool_get_stats() functions in drivers/net/ethernet/marvell/mvneta.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93611
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52781
CWE-ID:
CWE-682 - Incorrect Calculation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the usb_get_bos_descriptor() function in drivers/usb/core/config.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92015
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52782
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the mlx5e_txwqe_complete() function in drivers/net/ethernet/mellanox/mlx5/core/en_tx.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90537
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52783
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the txgbe_sw_init() function in drivers/net/ethernet/wangxun/txgbe/txgbe_main.c, within the ngbe_sw_init() function in drivers/net/ethernet/wangxun/ngbe/ngbe_main.c, within the wx_sw_init() function in drivers/net/ethernet/wangxun/libwx/wx_hw.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93650
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52784
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the bond_setup_by_slave() function in drivers/net/bonding/bond_main.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92014
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52786
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ext4_dio_write_iter() function in fs/ext4/file.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92966
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52787
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the blk_mq_get_new_requests(), blk_mq_get_cached_request() and blk_mq_submit_bio() functions in block/blk-mq.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91228
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52788
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the i915_perf_open_ioctl(), i915_perf_add_config_ioctl() and i915_perf_remove_config_ioctl() functions in drivers/gpu/drm/i915/i915_perf.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90421
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52789
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the vcc_probe() and vcc_table_remove() functions in drivers/tty/vcc.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93438
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52791
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the drivers/i2c/i2c-core.h. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91677
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52792
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the cxl_region_attach() function in drivers/cxl/core/region.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90280
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52794
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the module_param_cb() function in drivers/thermal/intel/intel_powerclamp.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90888
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52795
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the vhost_vdpa_probe() function in drivers/vhost/vdpa.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91506
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52796
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ipvlan_addr_lookup(), IS_ENABLED() and ipvlan_process_v6_outbound() functions in drivers/net/ipvlan/ipvlan_core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90075
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52798
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ath11k_wmi_pdev_dfs_radar_detected_event() function in drivers/net/wireless/ath/ath11k/wmi.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90281
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52799
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the dbAllocCtl(), dbFindCtl(), dbAllocDmapLev(), dbAdjTree() and dbFindLeaf() functions in fs/jfs/jfs_dmap.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90071
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52800
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ath11k_htt_pktlog() function in drivers/net/wireless/ath/ath11k/dp_rx.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90078
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52801
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the iopt_area_split() function in drivers/iommu/iommufd/io_pagetable.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90079
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52803
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the rpc_clnt_remove_pipedir() and rpc_setup_pipedir() functions in net/sunrpc/clnt.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90284
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52804
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the dbMount() function in fs/jfs/jfs_dmap.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90283
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52805
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the diInitInode() and diAlloc() functions in fs/jfs/jfs_imap.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92064
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52806
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the snd_hdac_stream_assign() function in sound/hda/hdac_stream.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90287
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52807
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the hns3_get_coal_info() function in drivers/net/ethernet/hisilicon/hns3/hns3_debugfs.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90420
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52808
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the debugfs_bist_init_v3_hw() and debugfs_init_v3_hw() functions in drivers/scsi/hisi_sas/hisi_sas_v3_hw.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90419
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52809
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the fc_lport_ptp_setup() function in drivers/scsi/libfc/fc_lport.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90285
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52810
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the dbMount() function in fs/jfs/jfs_dmap.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90535
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52811
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ibmvfc_get_event(), ibmvfc_queuecommand(), ibmvfc_bsg_timeout(), ibmvfc_bsg_plogi(), ibmvfc_bsg_request(), ibmvfc_reset_device(), ibmvfc_init_tmf(), ibmvfc_cancel_all_mq(), ibmvfc_abort_task_set(), ibmvfc_tgt_send_prli(), ibmvfc_tgt_send_plogi(), __ibmvfc_tgt_get_implicit_logout_evt(), ibmvfc_tgt_implicit_logout(), ibmvfc_tgt_move_login(), ibmvfc_adisc_timeout(), ibmvfc_tgt_adisc(), ibmvfc_tgt_query_target(), ibmvfc_discover_targets(), ibmvfc_channel_setup(), ibmvfc_channel_enquiry(), ibmvfc_npiv_login() and ibmvfc_npiv_logout() functions in drivers/scsi/ibmvscsi/ibmvfc.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91085
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52812
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the smu_v13_0_update_pcie_parameters() function in drivers/gpu/drm/amd/pm/swsmu/smu13/smu_v13_0.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91607
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52813
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources within the pcrypt_aead_encrypt() function in crypto/pcrypt.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90538
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52814
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the amdgpu_device_gpu_recover() function in drivers/gpu/drm/amd/amdgpu/amdgpu_device.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90429
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52815
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the amdgpu_vkms_conn_get_modes() function in drivers/gpu/drm/amd/amdgpu/amdgpu_vkms.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90286
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52816
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the svm_range_apply_attrs() function in drivers/gpu/drm/amd/amdkfd/kfd_svm.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90432
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52817
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the amdgpu_debugfs_regs_smc_read() and amdgpu_debugfs_regs_smc_write() functions in drivers/gpu/drm/amd/amdgpu/amdgpu_debugfs.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90289
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52818
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the drivers/gpu/drm/amd/include/pptable.h, drivers/gpu/drm/amd/powerplay/hwmgr/pptable_v1_0.h. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90288
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52819
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the drivers/gpu/drm/amd/powerplay/hwmgr/pptable_v1_0.h. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90430
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52821
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the versatile_panel_get_modes() function in drivers/gpu/drm/panel/panel-arm-versatile.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90077
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52825
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the svm_range_vram_node_free() function in drivers/gpu/drm/amd/amdkfd/kfd_svm.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90454
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52826
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the tpg110_get_modes() function in drivers/gpu/drm/panel/panel-tpo-tpg110.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91388
Risk: Low
CVSSv4.0: 4.5 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52827
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to read data or crash the application.
The vulnerability exists due to an out-of-bounds read error within the ath12k_htt_pull_ppdu_stats() function in drivers/net/wireless/ath/ath12k/dp_rx.c. A local user can read data or crash the application.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91389
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52829
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ath12k_wmi_ext_hal_reg_caps() function in drivers/net/wireless/ath/ath12k/wmi.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91425
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52832
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the ieee80211_get_tx_power() function in net/mac80211/cfg.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90452
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52833
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the btusb_mtk_hci_wmt_sync() function in drivers/bluetooth/btusb.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93304
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52834
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the atl1c_set_mac_addr(), atl1c_init_ring_ptrs(), atl1c_free_ring_resources(), atl1c_rx_checksum() and atl1c_alloc_rx_buffer() functions in drivers/net/ethernet/atheros/atl1c/atl1c_main.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91084
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52835
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the rb_alloc_aux() function in kernel/events/ring_buffer.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91505
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52836
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the list_for_each_entry_safe(), stress_one_work() and stress() functions in kernel/locking/test-ww_mutex.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90080
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52837
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nbd_dev_remove(), nbd_release() and IS_ENABLED() functions in drivers/block/nbd.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90933
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52838
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the imsttfb_probe() function in drivers/video/fbdev/imsttfb.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91056
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52840
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the rmi_unregister_function() function in drivers/input/rmi4/rmi_bus.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89945
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52841
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the vidtv_mux_init() and vidtv_channel_si_destroy() functions in drivers/media/test-drivers/vidtv/vidtv_mux.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90869
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52842
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the virtio_transport_alloc_skb() function in net/vmw_vsock/virtio_transport_common.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90868
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52843
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the llc_station_ac_send_test_r() function in net/llc/llc_station.c, within the llc_sap_action_send_test_r() function in net/llc/llc_s_ac.c, within the llc_fixup_skb() function in net/llc/llc_input.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90448
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52844
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the vidtv_psi_service_desc_init() and kstrdup() functions in drivers/media/test-drivers/vidtv/vidtv_psi.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90867
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52845
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the net/tipc/netlink.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91054
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52847
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the bttv_remove() function in drivers/media/pci/bt8xx/bttv-driver.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90445
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52849
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the cxl_memdev_unregister() function in drivers/cxl/core/memdev.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90440
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52850
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the hantro_watchdog() function in drivers/media/platform/verisilicon/hantro_drv.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90076
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52851
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mlx5_ib_stage_post_ib_reg_umr_init() function in drivers/infiniband/hw/mlx5/main.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91229
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52853
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the cp2112_gpio_irq_startup() and cp2112_probe() functions in drivers/hid/hid-cp2112.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90083
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52854
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the EXPORT_SYMBOL() function in kernel/padata.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90435
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52855
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the drivers/usb/dwc2/hcd.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90434
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52856
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the lt8912_bridge_detach() function in drivers/gpu/drm/bridge/lontium-lt8912b.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91178
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52857
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the mtk_plane_update_new_state() function in drivers/gpu/drm/mediatek/mtk_drm_plane.c, within the mtk_drm_gem_dumb_create() function in drivers/gpu/drm/mediatek/mtk_drm_gem.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90433
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52858
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mtk_topckgen_init(), mtk_infrasys_init() and mtk_pericfg_init() functions in drivers/clk/mediatek/clk-mt7629.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90458
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52860
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the hns3_pmu_init_pmu() and hns3_pmu_uninit_pmu() functions in drivers/perf/hisilicon/hns3_pmu.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90456
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52861
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the it66121_audio_get_eld() function in drivers/gpu/drm/bridge/ite-it66121.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90427
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52862
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the amdgpu_dm_init() function in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90426
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52863
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the axi_fan_control_probe() function in drivers/hwmon/axi-fan-control.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91198
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52864
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the wmi_dev_match() function in drivers/platform/x86/wmi.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90425
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52865
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mtk_topckgen_init(), mtk_infrasys_init_early() and mtk_infrasys_init() functions in drivers/clk/mediatek/clk-mt6797.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93294
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52866
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the hid_test_uclogic_parse_ugee_v2_desc() function in drivers/hid/hid-uclogic-params-test.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91308
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52867
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the drivers/gpu/drm/radeon/evergreen.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93616
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52868
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the thermal_zone_bind_cooling_device() function in drivers/thermal/thermal_core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90423
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52869
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the pstore_register() function in fs/pstore/platform.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90460
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52870
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the clk_mt6765_apmixed_probe(), clk_mt6765_top_probe() and clk_mt6765_ifr_probe() functions in drivers/clk/mediatek/clk-mt6765.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93143
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52871
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the qcom_llcc_probe() function in drivers/soc/qcom/llcc-qcom.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91466
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52872
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the gsm_modem_upd_via_msc() function in drivers/tty/n_gsm.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90428
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52873
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the clk_mt6779_apmixed_probe() and clk_mt6779_top_probe() functions in drivers/clk/mediatek/clk-mt6779.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93142
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52874
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the SYM_FUNC_END() function in arch/x86/coco/tdx/tdcall.S. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90424
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52875
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mtk_topckgen_init(), mtk_infrasys_init_early(), mtk_infrasys_init() and mtk_pericfg_init() functions in drivers/clk/mediatek/clk-mt2701.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90413
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52876
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the clk_mt7629_ethsys_init() and clk_mt7629_sgmiisys_init() functions in drivers/clk/mediatek/clk-mt7629-eth.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90422
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52877
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the tcpm_pd_svdm() function in drivers/usb/typec/tcpm/tcpm.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91083
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52878
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the can_put_echo_skb() function in drivers/net/can/dev/skb.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90084
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52879
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the apply_event_filter() function in kernel/trace/trace_events_filter.c, within the remove_subsystem(), event_enable_read(), event_enable_write(), event_filter_read() and trace_create_new_event() functions in kernel/trace/trace_events.c, within the register_event_command() function in kernel/trace/trace.h, within the tracing_open_file_tr() and tracing_release_file_tr() functions in kernel/trace/trace.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89899
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52880
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local user to bypass implemented security restrictions.
The vulnerability exists due to missing permissions checks within the gsmld_open() function in drivers/tty/n_gsm.c. A local user with CAP_NET_ADMIN capability can create a GSM network.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89895
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-52881
CWE-ID:
CWE-451 - User Interface (UI) Misrepresentation of Critical Information (Clickjacking, spoofing)
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform spoofing attack.
The vulnerability exists due to an error within the tcp_ack() function in net/ipv4/tcp_input.c, which can result in system accepting ACK responses for bytes that were never sent. A remote attacker can perform spoofing attack.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93673
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52882
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the sun50i_h6_ccu_probe() function in drivers/clk/sunxi-ng/ccu-sun50i-h6.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92917
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52883
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the amdgpu_vm_bo_update() function in drivers/gpu/drm/amd/amdgpu/amdgpu_vm.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93035
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52884
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the cyapa_suspend() and cyapa_resume() functions in drivers/input/mouse/cyapa.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92724
Risk: Low
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-6238
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local privileged user to execute arbitrary code.
A buffer overflow vulnerability was found in the NVM Express (NVMe) driver in the Linux kernel. Only privileged user could specify a small meta buffer and let the device perform larger Direct Memory Access (DMA) into the same buffer, overwriting unrelated kernel memory, causing random kernel crashes and memory corruption.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU85422
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-7042
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() function in drivers/net/wireless/ath/ath10k/wmi-tlv.c. A local user can pass specially crafted data to the driver and perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU88894
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-0639
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service attack.
The vulnerability exists due to improper locking within the sctp_auto_asconf_init() function in net/sctp/socket.c. A local user can crash the kernel.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89676
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-21823
CWE-ID:
CWE-502 - Deserialization of Untrusted Data
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to insecure deserialization in hardware logic. A local user can perform a denial of service (DoS) attack.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU87192
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-22099
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the rfcomm_check_security() function in /net/bluetooth/rfcomm/core.c. A local user can pass specially crafted data to the application and perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91600
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-23848
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the cec_queue_msg_fh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c. A local user can perform a denial of service (DoS) attack.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91634
Risk: Low
CVSSv4.0: 2 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-24861
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the xc4000 xc4000_get_frequency() function in the media/xc4000 device driver. A local user can exploit the race and escalate privileges on the system.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92399
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-25739
CWE-ID:
CWE-754 - Improper Check for Unusual or Exceptional Conditions
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper check for unusual or exceptional conditions error within the ubi_read_volume_table() function in drivers/mtd/ubi/vtbl.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94364
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-25741
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources within the printer_write() in drivers/usb/gadget/function/f_printer.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93770
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26601
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ext4_mb_generate_buddy() and mb_free_blocks() functions in fs/ext4/mballoc.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90628
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26611
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the bpf_sk_base_func_proto(), bpf_xdp_frags_increase_tail() and bpf_xdp_frags_shrink_tail() functions in net/core/filter.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91320
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-26614
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources within the reqsk_queue_alloc() function in net/core/request_sock.c. A remote attacker can send specially crafted ACK packets to the system and perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90627
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26615
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the __smc_diag_dump() function in net/smc/smc_diag.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90630
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26623
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the pdsc_setup(), pdsc_stop() and pdsc_fw_down() functions in drivers/net/ethernet/amd/pds_core/core.c, within the pdsc_process_notifyq(), pdsc_process_adminq(), pds_core_intr_credits(), pdsc_adminq_isr(), pdsc_adminq_post() and queue_work() functions in drivers/net/ethernet/amd/pds_core/adminq.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU87344
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-26625
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error in net/llc/af_llc.c when handling orphan sockets. A remote attacker can send specially crafted packets to the system and perform a denial of service (DoS) attack.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90621
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26632
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the include/linux/bio.h. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89267
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-26633
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to an error in NEXTHDR_FRAGMENT handling within the ip6_tnl_parse_tlv_enc_lim() function in net/ipv6/ip6_tunnel.c. A remote attacker can send specially crafted packets to the system and perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90880
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26635
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the cpu_to_be16() function in net/llc/llc_core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90859
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26636
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the llc_ui_sendmsg() function in net/llc/af_llc.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90881
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26638
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the __sock_xmit() function in drivers/block/nbd.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89396
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-26641
CWE-ID:
CWE-824 - Access of Uninitialized Pointer
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to access to uninitialized data within the __ip6_tnl_rcv() function in net/ipv6/ip6_tunnel.c. A remote attacker can send specially crafted data to the system and perform a denial of service (DoS) attack.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU88150
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26642
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper access restrictions within the nf_tables_newset() function in net/netfilter/nf_tables_api.c. A local user can set arbitrary timeouts, which can result in a denial of service condition.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU88135
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26643
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the nf_tables_unbind_set() function in net/netfilter/nf_tables_api.c. A local user can exploit the race and escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89238
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26650
CWE-ID:
CWE-833 - Deadlock
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a deadlock in drivers/platform/x86/p2sb.c. A local user can perform a denial of service (DoS) attack.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90898
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26652
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the pdsc_auxbus_dev_register() function in drivers/net/ethernet/amd/pds_core/auxbus.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU88148
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26654
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition in sound/sh/aica.c. A local user can exploit the race and escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU88145
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26656
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to crash the kernel.
The vulnerability exists due to a use-after-free error in drivers/gpu/drm/amd/amdgpu/amdgpu_hmm.c. A local user can send a single amdgpu_gem_userptr_ioctl
to the AMDGPU DRM driver on any ASICs with an invalid address and size and perform a denial of service (DoS) attack.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU88146
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26657
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in drivers/gpu/drm/scheduler/sched_entity.c. A local user can send an amdgpu_cs_wait_ioctl to the AMDGPU DRM driver on any ASICs with valid context and perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92073
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26663
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the tipc_nl_bearer_add() function in net/tipc/bearer.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90336
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26665
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the iptunnel_pmtud_build_icmpv6() function in net/ipv4/ip_tunnel_core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92977
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26671
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the blk_mq_mark_tag_wait() function in block/blk-mq.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94118
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26673
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input within the nft_ct_expect_obj_init() function in net/netfilter/nft_ct.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92946
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26674
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the SYM_CODE_START_LOCAL() function in arch/x86/lib/putuser.S, within the SYM_CODE_END() function in arch/x86/lib/getuser.S. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90337
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26676
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the unix_gc() function in net/unix/garbage.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92044
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26679
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the EXPORT_SYMBOL() function in net/ipv4/af_inet.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90952
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26684
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the dwxgmac3_handle_dma_err(), dwxgmac3_safety_feat_config(), dwxgmac3_safety_feat_irq_status() and dwxgmac3_safety_feat_dump() functions in drivers/net/ethernet/stmicro/stmmac/dwxgmac2_core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91481
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26685
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the nilfs_segctor_prepare_write(), nilfs_abort_logs() and nilfs_segctor_complete_write() functions in fs/nilfs2/segment.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91532
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26691
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the kvm_hyp_reserve(), __pkvm_create_hyp_vm() and pkvm_create_hyp_vm() functions in arch/arm64/kvm/pkvm.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90929
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26704
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the ext4_move_extents() function in fs/ext4/move_extent.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94137
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26714
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the drivers/interconnect/qcom/sc8180x.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90791
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26726
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the clear_extent_uptodate() function in fs/btrfs/inode.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90593
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26731
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the sk_psock_verdict_data_ready() function in net/core/skmsg.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92952
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26733
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the arp_req_get() function in net/ipv4/arp.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90009
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26734
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the devlink_init() function in net/devlink/core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU88938
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26737
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition between the bpf_timer_cancel_and_free and bpf_timer_cancel calls in kernel/bpf/helpers.c. A local user can exploit the race and escalate privileges on the system.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90214
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26739
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the tcf_mirred_to_dev() function in net/sched/act_mirred.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90789
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26740
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the mirred_egress_to_ingress_tcp_test() function in tools/testing/selftests/net/forwarding/tc_actions.sh, within the is_mirred_nested() and tcf_mirred_to_dev() functions in net/sched/act_mirred.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93205
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26742
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the pqi_map_queues() function in drivers/scsi/smartpqi/smartpqi_init.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90327
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26750
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the unix_gc() function in net/unix/garbage.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93777
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26756
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the raid5_run() and raid5_start_reshape() functions in drivers/md/raid5.c, within the raid10_run() and clear_bit() functions in drivers/md/raid10.c, within the md_start_sync() function in drivers/md/md.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93873
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26758
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources in drivers/md/md.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90599
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26760
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the drivers/target/target_core_pscsi.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93779
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26761
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the __cxl_hdm_decode_init() function in drivers/cxl/core/pci.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93844
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26764
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the kiocb_set_cancel_fn() and aio_prep_rw() functions in fs/aio.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91415
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26767
CWE-ID:
CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the link_validate_dpia_bandwidth() function in drivers/gpu/drm/amd/display/dc/link/link_validation.c, within the get_firmware_info_v3_2(), get_integrated_info_v11(), get_integrated_info_v2_1() and get_integrated_info_v2_2() functions in drivers/gpu/drm/amd/display/dc/bios/bios_parser2.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90787
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26769
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nvmet_fc_tgt_a_get(), __nvmet_fc_finish_ls_req() and nvmet_fc_register_targetport() functions in drivers/nvme/target/fc.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92041
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26772
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ext4_mb_find_by_goal() function in fs/ext4/mballoc.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93787
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26773
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ext4_mb_try_best_found() function in fs/ext4/mballoc.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93751
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26774
CWE-ID:
CWE-369 - Divide By Zero
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the mb_update_avg_fragment_size() function in fs/ext4/mballoc.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90786
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26775
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the aoeblk_gdalloc() function in drivers/block/aoe/aoeblk.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90330
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26780
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the unix_gc() function in net/unix/garbage.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93473
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26783
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the numamigrate_isolate_page() function in mm/migrate.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92040
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26785
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the iommufd_test_syz_conv_iova(), iommufd_test_syz_conv_iova_id(), iommufd_test_access_pages() and iommufd_test_access_rw() functions in drivers/iommu/iommufd/selftest.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93748
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26786
CWE-ID:
CWE-404 - Improper Resource Shutdown or Release
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to failure to properly release resources within the iopt_add_access() function in drivers/iommu/iommufd/io_pagetable.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91098
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26791
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the btrfs_check_replace_dev_names() and btrfs_dev_replace_by_ioctl() functions in fs/btrfs/dev-replace.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90211
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26793
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the gtp_init() function in drivers/net/gtp.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90783
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26794
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the emit_fiemap_extent() function in fs/btrfs/extent_io.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90589
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26802
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the stmmac_fpe_stop_wq() function in drivers/net/ethernet/stmicro/stmmac/stmmac_main.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90879
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26805
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the netlink_group_mask() function in net/netlink/af_netlink.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91202
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26807
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the cqspi_remove(), cqspi_suspend() and cqspi_resume() functions in drivers/spi/spi-cadence-quadspi.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90588
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26813
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the vfio_platform_set_irq_unmask(), vfio_automasked_irq_handler(), vfio_irq_handler(), vfio_set_trigger(), vfio_platform_set_irq_trigger(), vfio_platform_set_irqs_ioctl(), vfio_platform_irq_init() and vfio_platform_irq_cleanup() functions in drivers/vfio/platform/vfio_platform_irq.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92058
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26814
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the vfio_fsl_mc_set_irq_trigger() function in drivers/vfio/fsl-mc/vfio_fsl_mc_intr.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90326
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26815
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the NLA_POLICY_MAX() function in net/sched/sch_taprio.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91650
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26816
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the print_absolute_relocs() function in arch/x86/tools/relocs.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93872
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26822
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to improper management of internal resources within the automount_fullpath() and cifs_do_automount() functions in fs/smb/client/namespace.c. A local user can force the SMB client to reuse its parent mount uid, gid and cruid and gain unauthorized access to information.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92038
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26826
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __mptcp_retransmit_pending_data() function in net/mptcp/protocol.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91478
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26832
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the zswap_writeback_entry() function in mm/zswap.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93776
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26836
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the current_value_store() function in drivers/platform/x86/think-lmi.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91097
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26842
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ufshcd_cmd_inflight() and ufshcd_clear_cmd() functions in drivers/ufs/core/ufshcd.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93610
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26844
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the bio_copy_user_iov() function in block/blk-map.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93388
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26845
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the transport_generic_handle_tmr() function in drivers/target/target_core_transport.c, within the transport_lookup_tmr_lun() and rcu_dereference_raw() functions in drivers/target/target_core_device.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90896
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26846
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the LIST_HEAD(), nvme_fc_free_lport(), nvme_fc_init_module(), device_destroy() and nvme_fc_delete_controllers() functions in drivers/nvme/host/fc.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91201
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26853
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the igc_xdp_xmit() function in drivers/net/ethernet/intel/igc/igc_main.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91525
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26854
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ice_dpll_init() function in drivers/net/ethernet/intel/ice/ice_dpll.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90576
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26855
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ice_bridge_setlink() function in drivers/net/ethernet/intel/ice/ice_main.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91063
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26856
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the sparx5_del_mact_entry() function in drivers/net/ethernet/microchip/sparx5/sparx5_mactable.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90876
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26857
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the geneve_rx() function in drivers/net/geneve.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90570
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26858
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mlx5e_txwqe_complete() function in drivers/net/ethernet/mellanox/mlx5/core/en_tx.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89999
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26860
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the dm_integrity_rw_tag() function in drivers/md/dm-integrity.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91433
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26861
CWE-ID:
CWE-366 - Race Condition within a Thread
Exploit availability: No
DescriptionThe vulnerability allows a local user to manipulate data.
The vulnerability exists due to a data race within the decrypt_packet(), counter_validate() and wg_packet_rx_poll() functions in drivers/net/wireguard/receive.c. A local user can manipulate data.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91434
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26862
CWE-ID:
CWE-366 - Race Condition within a Thread
Exploit availability: No
DescriptionThe vulnerability allows a local user to manipulate data.
The vulnerability exists due to a data race within the packet_setsockopt() and packet_getsockopt() functions in net/packet/af_packet.c, within the dev_queue_xmit_nit() function in net/core/dev.c. A local user can manipulate data.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90877
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26863
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the hsr_get_node() function in net/hsr/hsr_framereg.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90196
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26866
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the fsl_lpspi_probe() function in drivers/spi/spi-fsl-lpspi.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90571
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26868
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ff_layout_cancel_io() function in fs/nfs/flexfilelayout/flexfilelayout.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92006
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26870
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the nfs4_listxattr() function in fs/nfs/nfs4proc.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90574
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26878
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dquot_mark_dquot_dirty(), __dquot_alloc_space(), dquot_alloc_inode(), EXPORT_SYMBOL(), dquot_claim_space_nodirty(), dquot_reclaim_space_nodirty(), __dquot_free_space(), dquot_free_inode() and __dquot_transfer() functions in fs/quota/dquot.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90578
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26881
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the hclge_ptp_get_rx_hwts() function in drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_ptp.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90878
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26882
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to use of uninitialized resource within the ip_tunnel_rcv() function in net/ipv4/ip_tunnel.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91602
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26883
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the stack_map_alloc() function in kernel/bpf/stackmap.c on a 32-bit platform. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91604
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26884
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the htab_map_alloc() function in kernel/bpf/hashtab.c on 32-bit platforms. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89840
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26885
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the dev_map_init_map() function in kernel/bpf/devmap.c. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91312
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26889
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the hci_get_dev_info() function in net/bluetooth/hci_core.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90780
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26899
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the DEFINE_MUTEX(), bd_link_disk_holder(), kfree() and bd_unlink_disk_holder() functions in block/holder.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90468
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26900
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the bind_rdev_to_array() function in drivers/md/md.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91363
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26901
CWE-ID:
CWE-200 - Exposure of sensitive information to an unauthorized actor
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to information disclosure within the do_sys_name_to_handle() function in fs/fhandle.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92070
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26903
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the rfcomm_process_rx() function in net/bluetooth/rfcomm/core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92944
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26906
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the copy_from_kernel_nofault_allowed() function in arch/x86/mm/maccess.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90198
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26909
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the pmic_glink_altmode_probe() function in drivers/soc/qcom/pmic_glink_altmode.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93805
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26920
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the register_snapshot_trigger() function in kernel/trace/trace_events_trigger.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91672
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26921
CWE-ID:
CWE-191 - Integer underflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the nf_ct_frag6_queue() and nf_ct_frag6_gather() functions in net/ipv6/netfilter/nf_conntrack_reasm.c, within the ip_frag_queue() and ip_defrag() functions in net/ipv4/ip_fragment.c, within the FRAG_CB(), inet_frag_queue_insert(), inet_frag_reasm_prepare(), EXPORT_SYMBOL() and inet_frag_reasm_finish() functions in net/ipv4/inet_fragment.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89054
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26922
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input within the amdgpu_vm_bo_insert_map(), amdgpu_vm_bo_map(), amdgpu_vm_bo_replace_map(), and amdgpu_vm_bo_clear_mappings() functions in drivers/gpu/drm/amd/amdgpu/amdgpu_vm.c. A local user can pass specially crafted input to the driver and perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92035
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26923
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to improper locking within the unix_gc() function in net/unix/garbage.c due to garbage collector does not take into account the risk of embryo getting enqueued during the garbage collection. A local user can execute arbitrary code with elevated privileges.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92034
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26925
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __nf_tables_abort() and nf_tables_abort() functions in net/netfilter/nf_tables_api.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90192
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26928
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the cifs_debug_files_proc_show() function in fs/smb/client/cifs_debug.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90926
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26932
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to a double free error within the tcpm_port_unregister_pd() function in drivers/usb/typec/tcpm/tcpm.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90777
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26933
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to improper locking within the disable_show() and disable_store() functions in drivers/usb/core/port.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90776
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26934
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to improper locking within the interface_authorized_store() function in drivers/usb/core/sysfs.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91358
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26935
CWE-ID:
CWE-200 - Exposure of sensitive information to an unauthorized actor
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the scsi_host_dev_release() function in drivers/scsi/hosts.c. A local user can gain access to sensitive information.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90909
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26937
CWE-ID:
CWE-617 - Reachable Assertion
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the gen11_emit_fini_breadcrumb_rcs() function in drivers/gpu/drm/i915/gt/intel_lrc.c, within the __engine_park() function in drivers/gpu/drm/i915/gt/intel_engine_pm.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92986
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26938
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the intel_bios_encoder_supports_dp_dual_mode() function in drivers/gpu/drm/i915/display/intel_bios.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93394
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26940
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the vmw_debugfs_resource_managers_init() function in drivers/gpu/drm/vmwgfx/vmwgfx_drv.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90527
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26943
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nouveau_dmem_evict_chunk() function in drivers/gpu/drm/nouveau/nouveau_dmem.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90182
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26944
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the btrfs_load_block_group_zone_info(), bitmap_free() and do_zone_finish() functions in fs/btrfs/zoned.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91376
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26945
CWE-ID:
CWE-369 - Divide By Zero
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the save_iaa_wq() and remove_iaa_wq() functions in drivers/crypto/intel/iaa/iaa_crypto_main.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93686
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26946
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the can_probe() function in arch/x86/kernel/kprobes/core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94134
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26948
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the dc_state_free() function in drivers/gpu/drm/amd/display/dc/core/dc_state.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90562
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26949
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the smu_v13_0_7_get_power_limit() function in drivers/gpu/drm/amd/pm/swsmu/smu13/smu_v13_0_7_ppt.c, within the smu_v13_0_0_get_power_limit() function in drivers/gpu/drm/amd/pm/swsmu/smu13/smu_v13_0_0_ppt.c, within the sienna_cichlid_get_power_limit() function in drivers/gpu/drm/amd/pm/swsmu/smu11/sienna_cichlid_ppt.c, within the navi10_get_power_limit() function in drivers/gpu/drm/amd/pm/swsmu/smu11/navi10_ppt.c, within the arcturus_get_power_limit() function in drivers/gpu/drm/amd/pm/swsmu/smu11/arcturus_ppt.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91460
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26950
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the get_peer() function in drivers/net/wireguard/netlink.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90187
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26951
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the wg_get_device_dump() function in drivers/net/wireguard/netlink.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91062
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26957
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the zcrypt_pick_queue() and zcrypt_drop_queue() functions in drivers/s390/crypto/zcrypt_api.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90183
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26958
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the , within the wait_on_commit() function in fs/nfs/write.c, within the nfs_direct_commit_schedule() function in fs/nfs/direct.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91475
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26960
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the __swap_entry_free_locked() and free_swap_and_cache() functions in mm/swapfile.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90186
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26961
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mac802154_llsec_key_del_rcu() function in net/mac802154/llsec.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90775
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26962
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the make_stripe_request(), raid5_make_request(), raid5_start() and raid5_init() functions in drivers/md/raid5.c, within the is_suspended() and md_account_bio() functions in drivers/md/md.c, within the raid_map(), raid_message(), raid_presuspend() and raid_resume() functions in drivers/md/dm-raid.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93601
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26963
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the dwc3_ti_remove_core() and dwc3_ti_remove() functions in drivers/usb/dwc3/dwc3-am62.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90561
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26964
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the xhci_map_temp_buffer() function in drivers/usb/host/xhci.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90465
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26972
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mutex_unlock() function in fs/ubifs/dir.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91360
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26973
CWE-ID:
CWE-200 - Exposure of sensitive information to an unauthorized actor
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the fat_encode_fh_nostale() function in fs/fat/nfs.c. A local user can gain access to sensitive information.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90559
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26978
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the max310x_i2c_slave_addr() function in drivers/tty/serial/max310x.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90318
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26981
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the nilfs_type_by_mode[() function in fs/nilfs2/dir.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90857
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26982
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the squashfs_new_inode() function in fs/squashfs/inode.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90188
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26983
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the xbc_alloc_mem(), xbc_parse_tree() and xbc_init() functions in lib/bootconfig.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90557
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26984
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nv50_instobj_acquire() function in drivers/gpu/drm/nouveau/nvkm/subdev/instmem/nv50.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89994
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26986
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the kfd_create_process() function in drivers/gpu/drm/amd/amdkfd/kfd_process.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93305
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26988
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the setup_command_line() function in init/main.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93297
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26989
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the kernel_page_present() function in arch/arm64/mm/pageattr.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93760
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26990
CWE-ID:
CWE-682 - Incorrect Calculation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the kvm_tdp_mmu_try_split_huge_pages(), kvm_tdp_mmu_clear_dirty_slot() and clear_dirty_pt_masked() functions in arch/x86/kvm/mmu/tdp_mmu.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90319
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26991
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the kvm_arch_post_set_memory_attributes() function in arch/x86/kvm/mmu/mmu.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91356
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26992
CWE-ID:
CWE-200 - Exposure of sensitive information to an unauthorized actor
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the vmx_get_perf_capabilities() function in arch/x86/kvm/vmx/vmx.c. A local user can gain access to sensitive information.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91355
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26993
CWE-ID:
CWE-200 - Exposure of sensitive information to an unauthorized actor
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the sysfs_break_active_protection() function in fs/sysfs/file.c. A local user can gain access to sensitive information.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93243
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26994
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the get_word() function in drivers/accessibility/speakup/main.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91175
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26995
CWE-ID:
CWE-193 - Off-by-one Error
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an off-by-one error within the tcpm_pd_set() function in drivers/usb/typec/tcpm/tcpm.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90184
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26996
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ncm_set_alt() and ncm_disable() functions in drivers/usb/gadget/function/f_ncm.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93871
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26997
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input within the dwc2_cmpl_host_isoc_dma_desc() function in drivers/usb/dwc2/hcd_ddma.c in DDMA completion flow. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91449
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26999
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the pmz_receive_chars() function in drivers/tty/serial/pmac_zilog.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91450
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27000
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the mxs_auart_set_ldisc() and mxs_auart_irq_handle() functions in drivers/tty/serial/mxs-auart.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92969
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27001
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the vmk80xx_find_usb_endpoints() function in drivers/comedi/drivers/vmk80xx.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90772
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27002
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the mtk_clk_simple_probe() and mtk_free_clk_data() functions in drivers/clk/mediatek/clk-mtk.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90771
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27003
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the clk_summary_show_subtree(), clk_summary_show() and clk_dump_show() functions in drivers/clk/clk.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90770
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27004
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the HLIST_HEAD(), clk_pm_runtime_put(), clk_unprepare_unused_subtree(), clk_disable_unused_subtree(), __setup(), clk_disable_unused(), __clk_release() and __clk_register() functions in drivers/clk/clk.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91095
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27008
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the apply_dcb_encoder_quirks() and fabricate_dcb_encoder_table() functions in drivers/gpu/drm/nouveau/nouveau_bios.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90461
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27012
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nft_rbtree_activate() and nft_rbtree_walk() functions in net/netfilter/nft_set_rbtree.c, within the nft_pipapo_activate() and nft_pipapo_walk() functions in net/netfilter/nft_set_pipapo.c, within the nft_rhash_activate(), nft_rhash_walk(), nft_hash_activate() and nft_hash_walk() functions in net/netfilter/nft_set_hash.c, within the nft_bitmap_activate() and nft_bitmap_walk() functions in net/netfilter/nft_set_bitmap.c, within the nft_mapelem_deactivate(), nft_map_catchall_deactivate(), nft_setelem_validate(), nf_tables_bind_check_setelem(), nft_mapelem_activate(), nft_map_catchall_activate(), nf_tables_dump_setelem(), nft_setelem_activate(), nft_setelem_flush() and nf_tables_loop_check_setelem() functions in net/netfilter/nf_tables_api.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91521
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27013
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the tun_put_user() function in drivers/net/tun.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90768
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27014
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the mlx5e_arfs_enable(), arfs_del_rules(), arfs_handle_work() and mlx5e_rx_flow_steer() functions in drivers/net/ethernet/mellanox/mlx5/core/en_arfs.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94132
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27015
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the nf_flow_tuple_encap() function in net/netfilter/nf_flow_table_ip.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94131
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27016
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the nf_flow_xmit_xfrm(), nf_flow_skb_encap_protocol() and nf_flow_encap_pop() functions in net/netfilter/nf_flow_table_ip.c, within the nf_flow_offload_inet_hook() function in net/netfilter/nf_flow_table_inet.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91431
Risk: Low
CVSSv4.0: 1.9 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27019
CWE-ID:
CWE-366 - Race Condition within a Thread
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to a data race within the __nft_obj_type_get() and nft_obj_type_get() functions in net/netfilter/nf_tables_api.c. A local user can gain access to sensitive information.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91432
Risk: Low
CVSSv4.0: 4.4 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27020
CWE-ID:
CWE-366 - Race Condition within a Thread
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to a data race within the __nft_expr_type_get() and nft_expr_type_get() functions in net/netfilter/nf_tables_api.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92030
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27022
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to improper locking within the dup_mmap() function in kernel/fork.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93453
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27025
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the nbd_genl_status() function in drivers/block/nbd.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93758
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27027
CWE-ID:
CWE-682 - Incorrect Calculation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the dpll_xa_ref_pin_del() and dpll_xa_ref_dpll_del() functions in drivers/dpll/dpll_core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90555
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27028
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mtk_spi_interrupt() function in drivers/spi/spi-mt65xx.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91473
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27030
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the rvu_queue_work(), rvu_mbox_intr_handler() and rvu_register_interrupts() functions in drivers/net/ethernet/marvell/octeontx2/af/rvu.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90764
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27031
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nfs_netfs_issue_read() function in fs/nfs/fscache.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90519
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27046
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nfp_fl_lag_do_work() function in drivers/net/ethernet/netronome/nfp/flower/lag_conf.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92983
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27056
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the iwl_mvm_sta_ensure_queue() function in drivers/net/wireless/intel/iwlwifi/mvm/sta.c, within the __iwl_mvm_suspend() function in drivers/net/wireless/intel/iwlwifi/mvm/d3.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92984
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27057
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the sof_ipc4_set_multi_pipeline_state() function in sound/soc/sof/ipc4-pcm.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91471
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27062
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the nvkm_object_search() and nvkm_object_remove() functions in drivers/gpu/drm/nouveau/nvkm/core/object.c, within the nvkm_client_new() function in drivers/gpu/drm/nouveau/nvkm/core/client.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89993
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27064
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nf_tables_updchain() function in net/netfilter/nf_tables_api.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94105
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27065
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources within the nf_tables_updtable() function in net/netfilter/nf_tables_api.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93195
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27067
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the evtchn_free_ring(), evtchn_interrupt() and evtchn_unbind_from_user() functions in drivers/xen/evtchn.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90766
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27080
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the try_release_extent_state(), flush_fiemap_cache(), emit_fiemap_extent(), fiemap_search_slot(), fiemap_process_hole(), extent_fiemap(), i_size_read() and unlock_extent() functions in fs/btrfs/extent_io.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90449
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27388
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the gssx_dec_option_array() function in net/sunrpc/auth_gss/gss_rpc_xdr.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91608
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27389
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources within the pstore_put_backend_records() function in fs/pstore/inode.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89353
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27393
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a malicious guest to perform DoS attack on the target system.
The vulnerability exists due memory leak within the xennet_alloc_one_rx_buffer() function in xen-netback implementation. A malicious guest userspace process can exhaust memory resources within the guest kernel and perform a denial of service (DoS) attack.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90169
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27395
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ovs_ct_limit_exit() function in net/openvswitch/conntrack.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90168
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27396
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the gtp_dellink() function in drivers/net/gtp.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89673
Risk: Medium
CVSSv4.0: 4.9 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-27399
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dreference error within the l2cap_chan_timeout() function in net/bluetooth/l2cap_core.c. A remote attacker can send specially crafted packets to the system and perform a denial of service (DoS) attack.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89674
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27400
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources in amdgpu driver. A local user can crash the OS kernel.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89675
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27401
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error within the packet_buffer_get() function in drivers/firewire/nosy.c. A local user can trigger memory corruption and perform a denial of service (DoS) attack.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92026
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27402
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the pep_sock_enable() and pep_ioctl() functions in net/phonet/pep.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91428
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27404
CWE-ID:
CWE-366 - Race Condition within a Thread
Exploit availability: No
DescriptionThe vulnerability allows a local user to manipulate data.
The vulnerability exists due to a data race within the subflow_finish_connect(), __mptcp_subflow_connect() and subflow_ulp_clone() functions in net/mptcp/subflow.c, within the fill_remote_addresses_vec() and mptcp_pm_nl_rm_addr_or_subflow() functions in net/mptcp/pm_netlink.c. A local user can manipulate data.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93154
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27405
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the drivers/usb/gadget/function/f_ncm.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91470
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27408
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the dw_edma_v0_core_write_chunk() and dw_edma_v0_core_start() functions in drivers/dma/dw-edma/dw-edma-v0-core.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93870
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27410
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources within the nl80211_set_interface() function in net/wireless/nl80211.c. A local user can manipulate with the interface mesh ID and perform a denial of service (DoS) attack.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93804
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27411
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the r535_gsp_postinit() and r535_gsp_dtor() functions in drivers/gpu/drm/nouveau/nvkm/subdev/gsp/r535.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93194
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27412
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the bq27xxx_battery_i2c_remove() function in drivers/power/supply/bq27xxx_battery_i2c.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93470
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27413
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the efi_capsule_open() function in drivers/firmware/efi/capsule-loader.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92951
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27414
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the rtnl_bridge_setlink() function in net/core/rtnetlink.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93869
Risk: Low
CVSSv4.0: 1.3 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27416
CWE-ID:
CWE-200 - Exposure of sensitive information to an unauthorized actor
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to an error within the hci_io_capa_request_evt() function in net/bluetooth/hci_event.c when handling HCI_EV_IO_CAPA_REQUEST packets. A remote attacker on the local network can force the system to assume that the remote peer
does support SSP and potentially gain access to sensitive information.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91349
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27417
CWE-ID:
CWE-200 - Exposure of sensitive information to an unauthorized actor
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the inet6_rtm_getaddr() function in net/ipv6/addrconf.c. A local user can gain access to sensitive information.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91348
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27418
CWE-ID:
CWE-200 - Exposure of sensitive information to an unauthorized actor
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the mctp_local_output() function in net/mctp/route.c. A local user can gain access to sensitive information.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91429
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27419
CWE-ID:
CWE-366 - Race Condition within a Thread
Exploit availability: No
DescriptionThe vulnerability allows a local user to manipulate data.
The vulnerability exists due to a data race within the nr_state1_machine(), nr_state2_machine() and nr_state3_machine() functions in net/netrom/nr_in.c, within the nr_rx_frame() function in net/netrom/af_netrom.c. A local user can manipulate data.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92003
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27431
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the cpu_map_bpf_prog_run_xdp() function in kernel/bpf/cpumap.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93774
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27432
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the mtk_ppe_start() and mtk_ppe_stop() functions in drivers/net/ethernet/mediatek/mtk_ppe.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93681
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27434
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the iwl_mvm_get_sec_flags() function in drivers/net/wireless/intel/iwlwifi/mvm/mld-key.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90758
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27435
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nvme_alloc_admin_tag_set() and nvme_alloc_io_tag_set() functions in drivers/nvme/host/core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93594
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27436
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to an out-of-bounds write within the convert_chmap() function in sound/usb/stream.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93041
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-33619
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the efi_free() function in drivers/firmware/efi/libstub/fdt.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93172
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-34777
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the map_benchmark_ioctl() function in kernel/dma/map_benchmark.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93122
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-35247
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the fpga_region_get(), fpga_region_put(), ATTRIBUTE_GROUPS(), fpga_region_register_full(), ERR_PTR() and EXPORT_SYMBOL_GPL() functions in drivers/fpga/fpga-region.c, within the fpga_region_register_full() function in Documentation/driver-api/fpga/fpga-region.rst. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90757
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-35784
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the fiemap_process_hole(), extent_fiemap(), btrfs_free_path() and emit_last_fiemap_cache() functions in fs/btrfs/extent_io.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90759
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-35786
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nouveau_gem_ioctl_pushbuf() function in drivers/gpu/drm/nouveau/nouveau_gem.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90311
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-35788
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the dcn35_clk_mgr_helper_populate_bw_params() function in drivers/gpu/drm/amd/display/dc/clk_mgr/dcn35/dcn35_clk_mgr.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90167
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-35789
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ieee80211_change_station() function in net/mac80211/cfg.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90554
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-35790
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the hpd_show(), dp_altmode_probe(), dp_altmode_remove() and module_typec_altmode_driver() functions in drivers/usb/typec/altmodes/displayport.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90165
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-35791
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the svm_register_enc_region() function in arch/x86/kvm/svm/sev.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90760
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-35794
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the md_clean() and __md_stop_writes() functions in drivers/md/md.c, within the raid_message(), raid_postsuspend(), raid_preresume() and raid_resume() functions in drivers/md/dm-raid.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90756
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-35795
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the amdgpu_debugfs_mqd_read() function in drivers/gpu/drm/amd/amdgpu/amdgpu_ring.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90553
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-35796
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the temac_probe() function in drivers/net/ethernet/xilinx/ll_temac_main.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93448
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-35799
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the dce110_disable_stream() function in drivers/gpu/drm/amd/display/dc/dce110/dce110_hw_sequencer.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93056
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-35800
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the generic_ops_supported() function in drivers/firmware/efi/efi.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93680
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-35801
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the fpu__init_cpu_xstate() function in arch/x86/kernel/fpu/xstate.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93151
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-35803
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the SYM_FUNC_START(), SYM_FUNC_START_LOCAL() and SYM_DATA_END() functions in arch/x86/boot/compressed/efi_mixed.S. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93152
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-35804
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the emulator_cmpxchg_emulated() function in arch/x86/kvm/x86.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91519
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-35805
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the dm_exception_table_exit() function in drivers/md/dm-snap.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90755
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-35806
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the qm_congestion_task() and qman_create_cgr() functions in drivers/soc/fsl/qbman/qman.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo: before 1-150600.1.5.1
kernel-livepatch-6_4_0-150600_10_5-rt: before 1-150600.1.5.1
kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource: before 1-150600.1.5.1
kernel-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug: before 6.4.0-150600.10.5.1
kernel-source-rt: before 6.4.0-150600.10.5.1
kernel-devel-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-optional: before 6.4.0-150600.10.5.1
kernel-syms-rt: before 6.4.0-150600.10.5.1
kernel-rt-debugsource: before 6.4.0-150600.10.5.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-extra: before 6.4.0-150600.10.5.1
dlm-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.5.1
kselftests-kmp-rt: before 6.4.0-150600.10.5.1
ocfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel: before 6.4.0-150600.10.5.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt-vdso: before 6.4.0-150600.10.5.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.5.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.5.1
kernel-rt_debug-devel: before 6.4.0-150600.10.5.1
cluster-md-kmp-rt: before 6.4.0-150600.10.5.1
reiserfs-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.5.1
kernel-rt-debuginfo: before 6.4.0-150600.10.5.1
gfs2-kmp-rt: before 6.4.0-150600.10.5.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.5.1
CPE2.3