SUSE update for the Linux Kernel



Updated: 2024-12-04
Risk Low
Patch available YES
Number of vulnerabilities 393
CVE-ID CVE-2023-52489
CVE-2023-52581
CVE-2023-52668
CVE-2023-52688
CVE-2023-52756
CVE-2023-52766
CVE-2023-52800
CVE-2023-52802
CVE-2023-52859
CVE-2023-52885
CVE-2023-52886
CVE-2023-52887
CVE-2023-52889
CVE-2024-26590
CVE-2024-26631
CVE-2024-26637
CVE-2024-26668
CVE-2024-26669
CVE-2024-26677
CVE-2024-26682
CVE-2024-26683
CVE-2024-26735
CVE-2024-26758
CVE-2024-26767
CVE-2024-26808
CVE-2024-26809
CVE-2024-26812
CVE-2024-26835
CVE-2024-26837
CVE-2024-26849
CVE-2024-26851
CVE-2024-26889
CVE-2024-26920
CVE-2024-26976
CVE-2024-27010
CVE-2024-27011
CVE-2024-27024
CVE-2024-27049
CVE-2024-27050
CVE-2024-27079
CVE-2024-27403
CVE-2024-27433
CVE-2024-27437
CVE-2024-31076
CVE-2024-35855
CVE-2024-35897
CVE-2024-35902
CVE-2024-35913
CVE-2024-35939
CVE-2024-35949
CVE-2024-36270
CVE-2024-36286
CVE-2024-36288
CVE-2024-36489
CVE-2024-36881
CVE-2024-36907
CVE-2024-36929
CVE-2024-36933
CVE-2024-36939
CVE-2024-36970
CVE-2024-36979
CVE-2024-38548
CVE-2024-38563
CVE-2024-38609
CVE-2024-38662
CVE-2024-39476
CVE-2024-39483
CVE-2024-39484
CVE-2024-39486
CVE-2024-39488
CVE-2024-39489
CVE-2024-39491
CVE-2024-39493
CVE-2024-39497
CVE-2024-39499
CVE-2024-39500
CVE-2024-39501
CVE-2024-39505
CVE-2024-39506
CVE-2024-39508
CVE-2024-39509
CVE-2024-39510
CVE-2024-40899
CVE-2024-40900
CVE-2024-40902
CVE-2024-40903
CVE-2024-40904
CVE-2024-40905
CVE-2024-40909
CVE-2024-40910
CVE-2024-40911
CVE-2024-40912
CVE-2024-40913
CVE-2024-40916
CVE-2024-40920
CVE-2024-40921
CVE-2024-40922
CVE-2024-40924
CVE-2024-40926
CVE-2024-40927
CVE-2024-40929
CVE-2024-40930
CVE-2024-40932
CVE-2024-40934
CVE-2024-40936
CVE-2024-40938
CVE-2024-40939
CVE-2024-40941
CVE-2024-40942
CVE-2024-40943
CVE-2024-40944
CVE-2024-40945
CVE-2024-40954
CVE-2024-40956
CVE-2024-40957
CVE-2024-40958
CVE-2024-40959
CVE-2024-40962
CVE-2024-40964
CVE-2024-40967
CVE-2024-40976
CVE-2024-40977
CVE-2024-40978
CVE-2024-40981
CVE-2024-40982
CVE-2024-40984
CVE-2024-40987
CVE-2024-40988
CVE-2024-40989
CVE-2024-40990
CVE-2024-40992
CVE-2024-40994
CVE-2024-40995
CVE-2024-40997
CVE-2024-41000
CVE-2024-41001
CVE-2024-41002
CVE-2024-41004
CVE-2024-41007
CVE-2024-41009
CVE-2024-41010
CVE-2024-41011
CVE-2024-41012
CVE-2024-41015
CVE-2024-41016
CVE-2024-41020
CVE-2024-41022
CVE-2024-41024
CVE-2024-41025
CVE-2024-41028
CVE-2024-41032
CVE-2024-41035
CVE-2024-41036
CVE-2024-41037
CVE-2024-41038
CVE-2024-41039
CVE-2024-41040
CVE-2024-41041
CVE-2024-41044
CVE-2024-41045
CVE-2024-41048
CVE-2024-41049
CVE-2024-41050
CVE-2024-41051
CVE-2024-41056
CVE-2024-41057
CVE-2024-41058
CVE-2024-41059
CVE-2024-41060
CVE-2024-41061
CVE-2024-41062
CVE-2024-41063
CVE-2024-41064
CVE-2024-41065
CVE-2024-41066
CVE-2024-41068
CVE-2024-41069
CVE-2024-41070
CVE-2024-41071
CVE-2024-41072
CVE-2024-41073
CVE-2024-41074
CVE-2024-41075
CVE-2024-41076
CVE-2024-41078
CVE-2024-41079
CVE-2024-41080
CVE-2024-41081
CVE-2024-41084
CVE-2024-41087
CVE-2024-41088
CVE-2024-41089
CVE-2024-41092
CVE-2024-41093
CVE-2024-41094
CVE-2024-41095
CVE-2024-41096
CVE-2024-41097
CVE-2024-41098
CVE-2024-42064
CVE-2024-42069
CVE-2024-42070
CVE-2024-42073
CVE-2024-42074
CVE-2024-42076
CVE-2024-42077
CVE-2024-42079
CVE-2024-42080
CVE-2024-42082
CVE-2024-42085
CVE-2024-42086
CVE-2024-42087
CVE-2024-42089
CVE-2024-42090
CVE-2024-42092
CVE-2024-42093
CVE-2024-42095
CVE-2024-42096
CVE-2024-42097
CVE-2024-42098
CVE-2024-42101
CVE-2024-42104
CVE-2024-42105
CVE-2024-42106
CVE-2024-42107
CVE-2024-42109
CVE-2024-42110
CVE-2024-42113
CVE-2024-42114
CVE-2024-42115
CVE-2024-42117
CVE-2024-42119
CVE-2024-42120
CVE-2024-42121
CVE-2024-42122
CVE-2024-42124
CVE-2024-42125
CVE-2024-42126
CVE-2024-42127
CVE-2024-42130
CVE-2024-42131
CVE-2024-42132
CVE-2024-42133
CVE-2024-42136
CVE-2024-42137
CVE-2024-42138
CVE-2024-42139
CVE-2024-42141
CVE-2024-42142
CVE-2024-42143
CVE-2024-42144
CVE-2024-42145
CVE-2024-42147
CVE-2024-42148
CVE-2024-42152
CVE-2024-42153
CVE-2024-42155
CVE-2024-42156
CVE-2024-42157
CVE-2024-42158
CVE-2024-42159
CVE-2024-42161
CVE-2024-42162
CVE-2024-42223
CVE-2024-42224
CVE-2024-42225
CVE-2024-42226
CVE-2024-42227
CVE-2024-42228
CVE-2024-42229
CVE-2024-42230
CVE-2024-42232
CVE-2024-42236
CVE-2024-42237
CVE-2024-42238
CVE-2024-42239
CVE-2024-42240
CVE-2024-42241
CVE-2024-42244
CVE-2024-42245
CVE-2024-42246
CVE-2024-42247
CVE-2024-42250
CVE-2024-42253
CVE-2024-42259
CVE-2024-42268
CVE-2024-42269
CVE-2024-42270
CVE-2024-42271
CVE-2024-42274
CVE-2024-42276
CVE-2024-42277
CVE-2024-42278
CVE-2024-42279
CVE-2024-42280
CVE-2024-42281
CVE-2024-42283
CVE-2024-42284
CVE-2024-42285
CVE-2024-42286
CVE-2024-42287
CVE-2024-42288
CVE-2024-42289
CVE-2024-42290
CVE-2024-42291
CVE-2024-42292
CVE-2024-42295
CVE-2024-42298
CVE-2024-42301
CVE-2024-42302
CVE-2024-42303
CVE-2024-42308
CVE-2024-42309
CVE-2024-42310
CVE-2024-42311
CVE-2024-42312
CVE-2024-42313
CVE-2024-42314
CVE-2024-42315
CVE-2024-42316
CVE-2024-42318
CVE-2024-42319
CVE-2024-42320
CVE-2024-42322
CVE-2024-43816
CVE-2024-43817
CVE-2024-43818
CVE-2024-43819
CVE-2024-43821
CVE-2024-43823
CVE-2024-43824
CVE-2024-43825
CVE-2024-43826
CVE-2024-43829
CVE-2024-43830
CVE-2024-43831
CVE-2024-43833
CVE-2024-43834
CVE-2024-43837
CVE-2024-43839
CVE-2024-43840
CVE-2024-43841
CVE-2024-43842
CVE-2024-43846
CVE-2024-43847
CVE-2024-43849
CVE-2024-43850
CVE-2024-43851
CVE-2024-43853
CVE-2024-43854
CVE-2024-43855
CVE-2024-43856
CVE-2024-43858
CVE-2024-43860
CVE-2024-43861
CVE-2024-43863
CVE-2024-43864
CVE-2024-43866
CVE-2024-43867
CVE-2024-43871
CVE-2024-43872
CVE-2024-43873
CVE-2024-43874
CVE-2024-43875
CVE-2024-43876
CVE-2024-43877
CVE-2024-43879
CVE-2024-43880
CVE-2024-43881
CVE-2024-43882
CVE-2024-43883
CVE-2024-43884
CVE-2024-43885
CVE-2024-43889
CVE-2024-43892
CVE-2024-43893
CVE-2024-43894
CVE-2024-43895
CVE-2024-43897
CVE-2024-43899
CVE-2024-43900
CVE-2024-43902
CVE-2024-43903
CVE-2024-43905
CVE-2024-43906
CVE-2024-43907
CVE-2024-43908
CVE-2024-43909
CVE-2024-43911
CVE-2024-43912
CVE-2024-44931
CVE-2024-44938
CVE-2024-44939
CWE-ID CWE-362
CWE-401
CWE-667
CWE-119
CWE-125
CWE-416
CWE-476
CWE-388
CWE-366
CWE-20
CWE-190
CWE-399
CWE-835
CWE-825
CWE-404
CWE-908
CWE-191
CWE-415
CWE-200
CWE-843
CWE-617
CWE-682
CWE-369
Exploitation vector Local
Public exploit N/A
Vulnerable software
SUSE Real Time Module
Operating systems & Components / Operating system

SUSE Linux Enterprise Live Patching
Operating systems & Components / Operating system

SUSE Linux Enterprise Real Time 15
Operating systems & Components / Operating system

openSUSE Leap
Operating systems & Components / Operating system

SUSE Linux Enterprise Server for SAP Applications 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Server 15
Operating systems & Components / Operating system

kernel-livepatch-6_4_0-150600_10_8-rt
Operating systems & Components / Operating system package or component

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo
Operating systems & Components / Operating system package or component

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource
Operating systems & Components / Operating system package or component

kernel-rt_debug
Operating systems & Components / Operating system package or component

kernel-rt
Operating systems & Components / Operating system package or component

kernel-source-rt
Operating systems & Components / Operating system package or component

kernel-devel-rt
Operating systems & Components / Operating system package or component

kselftests-kmp-rt-debuginfo
Operating systems & Components / Operating system package or component

kernel-rt-extra-debuginfo
Operating systems & Components / Operating system package or component

reiserfs-kmp-rt
Operating systems & Components / Operating system package or component

kernel-rt_debug-devel
Operating systems & Components / Operating system package or component

kernel-rt-devel-debuginfo
Operating systems & Components / Operating system package or component

reiserfs-kmp-rt-debuginfo
Operating systems & Components / Operating system package or component

kernel-rt_debug-devel-debuginfo
Operating systems & Components / Operating system package or component

gfs2-kmp-rt-debuginfo
Operating systems & Components / Operating system package or component

kernel-rt-optional-debuginfo
Operating systems & Components / Operating system package or component

cluster-md-kmp-rt
Operating systems & Components / Operating system package or component

kernel-rt_debug-debuginfo
Operating systems & Components / Operating system package or component

kernel-rt-vdso
Operating systems & Components / Operating system package or component

kernel-syms-rt
Operating systems & Components / Operating system package or component

kernel-rt_debug-vdso-debuginfo
Operating systems & Components / Operating system package or component

kernel-rt-optional
Operating systems & Components / Operating system package or component

cluster-md-kmp-rt-debuginfo
Operating systems & Components / Operating system package or component

ocfs2-kmp-rt
Operating systems & Components / Operating system package or component

dlm-kmp-rt-debuginfo
Operating systems & Components / Operating system package or component

kernel-rt-debugsource
Operating systems & Components / Operating system package or component

dlm-kmp-rt
Operating systems & Components / Operating system package or component

kernel-rt-debuginfo
Operating systems & Components / Operating system package or component

kernel-rt-vdso-debuginfo
Operating systems & Components / Operating system package or component

kernel-rt_debug-debugsource
Operating systems & Components / Operating system package or component

gfs2-kmp-rt
Operating systems & Components / Operating system package or component

kernel-rt-extra
Operating systems & Components / Operating system package or component

kernel-rt_debug-livepatch-devel
Operating systems & Components / Operating system package or component

ocfs2-kmp-rt-debuginfo
Operating systems & Components / Operating system package or component

kselftests-kmp-rt
Operating systems & Components / Operating system package or component

kernel-rt-devel
Operating systems & Components / Operating system package or component

kernel-rt-livepatch-devel
Operating systems & Components / Operating system package or component

kernel-rt_debug-vdso
Operating systems & Components / Operating system package or component

Vendor SUSE

Security Bulletin

This security bulletin contains information about 393 vulnerabilities.

1) Race condition

EUVDB-ID: #VU89388

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52489

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition within the section_deactivate() function in mm/sparse.c. A local user can exploit the race and escalate privileges on the system.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Memory leak

EUVDB-ID: #VU89385

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52581

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a DoS attack on the target system.

The vulnerability exists due to a memory leak within the nft_trans_gc_space() function in net/netfilter/nf_tables_api.c. A local user can force the system to leak memory and perform a denial of service attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Improper locking

EUVDB-ID: #VU91517

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52668

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the btrfs_zone_activate() function in fs/btrfs/zoned.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Buffer overflow

EUVDB-ID: #VU93803

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52688

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the ath12k_core_qmi_firmware_ready() function in drivers/net/wireless/ath/ath12k/core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Buffer overflow

EUVDB-ID: #VU91307

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52756

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within include/linux/pwm.h. A local user can escalate privileges on the system.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Out-of-bounds read

EUVDB-ID: #VU91086

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52766

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the hci_dma_irq_handler() function in drivers/i3c/master/mipi-i3c-hci/dma.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Use-after-free

EUVDB-ID: #VU90071

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52800

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ath11k_htt_pktlog() function in drivers/net/wireless/ath/ath11k/dp_rx.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) NULL pointer dereference

EUVDB-ID: #VU90536

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52802

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the stm32_adc_probe() function in drivers/iio/adc/stm32-adc-core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Use-after-free

EUVDB-ID: #VU90081

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52859

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the hisi_sllc_pmu_probe() function in drivers/perf/hisilicon/hisi_uncore_sllc_pmu.c and within the hisi_pa_pmu_probe() function in drivers/perf/hisilicon/hisi_uncore_pa_pmu.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Use-after-free

EUVDB-ID: #VU94326

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52885

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the svc_tcp_listen_data_ready() function in net/sunrpc/svcsock.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Out-of-bounds read

EUVDB-ID: #VU94434

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52886

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the get_bMaxPacketSize0(), hub_port_init(), hub_port_connect() and usb_reset_and_verify_device() functions in drivers/usb/core/hub.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Improper error handling

EUVDB-ID: #VU95018

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52887

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the j1939_xtp_rx_rts_session_new() function in net/can/j1939/transport.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) NULL pointer dereference

EUVDB-ID: #VU96132

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52889

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the apparmor_socket_sock_rcv_skb() function in security/apparmor/lsm.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) NULL pointer dereference

EUVDB-ID: #VU90663

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26590

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the z_erofs_do_map_blocks() function in fs/erofs/zmap.c and within the z_erofs_parse_cfgs() function in fs/erofs/decompressor.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Race condition within a thread

EUVDB-ID: #VU91436

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26631

CWE-ID: CWE-366 - Race Condition within a Thread

Exploit availability: No

Description

The vulnerability allows a local user to manipulate data.

The vulnerability exists due to a data race within the ipv6_mc_down() function in net/ipv6/mcast.c. A local user can manipulate data.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Input validation error

EUVDB-ID: #VU93692

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26637

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the ath11k_mac_op_add_interface() and ath11k_mac_txpower_recalc() functions in drivers/net/wireless/ath/ath11k/mac.c and within the ath11k_debugfs_add_interface() function in drivers/net/wireless/ath/ath11k/debugfs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Integer overflow

EUVDB-ID: #VU91180

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26668

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to integer overflow within the nft_limit_eval() and nft_limit_init() functions in net/netfilter/nft_limit.c. A local user can execute arbitrary code.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Memory leak

EUVDB-ID: #VU90010

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26669

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the fl_tmplt_destroy() function in net/sched/cls_flower.c, within the tcf_block_playback_offloads() and tc_chain_tmplt_add() functions in net/sched/cls_api.c, and within the void() function in include/net/sch_generic.h. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Input validation error

EUVDB-ID: #VU94139

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26677

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the rxrpc_propose_delay_ACK(), rxrpc_send_initial_ping() and rxrpc_input_call_event() functions in net/rxrpc/call_event.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Input validation error

EUVDB-ID: #VU94141

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26682

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the ieee80211_mgd_csa_present(), ieee80211_mgd_auth() and ieee80211_mgd_assoc() functions in net/mac80211/mlme.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) Input validation error

EUVDB-ID: #VU93177

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26683

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the cfg80211_update_hidden_bsses() and cfg80211_update_known_bss() functions in net/wireless/scan.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) Use-after-free

EUVDB-ID: #VU90215

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26735

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the seg6_init() function in net/ipv6/seg6.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

23) Resource management error

EUVDB-ID: #VU93873

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26758

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources in drivers/md/md.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

24) Infinite loop

EUVDB-ID: #VU91415

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26767

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an infinite loop within the link_validate_dpia_bandwidth() function in drivers/gpu/drm/amd/display/dc/link/link_validation.c, and within the get_firmware_info_v3_2(), get_integrated_info_v11(), get_integrated_info_v2_1() and get_integrated_info_v2_2() functions in drivers/gpu/drm/amd/display/dc/bios/bios_parser2.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

25) Expired pointer dereference

EUVDB-ID: #VU93809

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26808

CWE-ID: CWE-825 - Expired pointer dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a stale reference within the nf_tables_netdev_event() function in net/netfilter/nft_chain_filter.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

26) Improper resource shutdown or release

EUVDB-ID: #VU93747

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26809

CWE-ID: CWE-404 - Improper Resource Shutdown or Release

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to failure to properly release resources within the nft_pipapo_destroy() function in net/netfilter/nft_set_pipapo.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

27) Improper locking

EUVDB-ID: #VU91529

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26812

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the vfio_send_intx_eventfd(), vfio_intx_handler() and vfio_pci_set_intx_trigger() functions in drivers/vfio/pci/vfio_pci_intrs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

28) Resource management error

EUVDB-ID: #VU93772

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26835

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the nf_tables_updtable() function in net/netfilter/nf_tables_api.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

29) Improper locking

EUVDB-ID: #VU92039

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26837

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the switchdev_obj_eq() and switchdev_port_obj_del() functions in net/switchdev/switchdev.c, and within the br_switchdev_mdb_replay_one() and br_switchdev_mdb_replay() functions in net/bridge/br_switchdev.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

30) Use of uninitialized resource

EUVDB-ID: #VU90875

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26849

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to the use of an uninitialized resource within the sizeof() function in lib/nlattr.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

31) Out-of-bounds read

EUVDB-ID: #VU91096

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26851

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the decode_seq() function in net/netfilter/nf_conntrack_h323_asn1.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

32) Buffer overflow

EUVDB-ID: #VU91312

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26889

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the hci_get_dev_info() function in net/bluetooth/hci_core.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

33) Buffer overflow

EUVDB-ID: #VU93805

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26920

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the register_snapshot_trigger() function in kernel/trace/trace_events_trigger.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

34) Improper locking

EUVDB-ID: #VU90774

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26976

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the async_pf_execute(), kvm_clear_async_pf_completion_queue(), kvm_check_async_pf_completion() and kvm_setup_async_pf() functions in virt/kvm/async_pf.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

35) Improper locking

EUVDB-ID: #VU90769

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-27010

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the qdisc_alloc() function in net/sched/sch_generic.c, and within the qdisc_run_end() function in net/core/dev.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

36) Memory leak

EUVDB-ID: #VU90463

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-27011

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the nft_data_hold() and __nf_tables_abort() functions in net/netfilter/nf_tables_api.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

37) Resource management error

EUVDB-ID: #VU93841

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-27024

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the rds_sendmsg() function in net/rds/send.c and within the __rds_rdma_map() function in net/rds/rdma.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

38) Use-after-free

EUVDB-ID: #VU90179

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-27049

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the mt7925_pci_remove() function in drivers/net/wireless/mediatek/mt76/mt7925/pci.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

39) Out-of-bounds read

EUVDB-ID: #VU91094

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-27050

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the bpf_xdp_query() function in tools/lib/bpf/netlink.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

40) NULL pointer dereference

EUVDB-ID: #VU90518

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-27079

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the intel_pasid_setup_nested() function in drivers/iommu/intel/pasid.c and within the domain_context_clear() and intel_iommu_release_device() functions in drivers/iommu/intel/iommu.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

41) Integer underflow

EUVDB-ID: #VU91669

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-27403

CWE-ID: CWE-191 - Integer underflow

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to an integer underflow within the flow_offload_dst_cookie() and nft_flow_dst_release() functions in net/netfilter/nf_flow_table_core.c. A local user can execute arbitrary code.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

42) Double free

EUVDB-ID: #VU90924

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-27433

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a double free error within the clk_mt7622_apmixed_remove() function in drivers/clk/mediatek/clk-mt7622-apmixedsys.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

43) Resource management error

EUVDB-ID: #VU93202

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-27437

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the vfio_intx_set_signal() function in drivers/vfio/pci/vfio_pci_intrs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

44) Memory leak

EUVDB-ID: #VU93016

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-31076

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the migrate_one_irq() function in kernel/irq/cpuhotplug.c and within the __send_cleanup_vector(), irq_complete_move() and irq_force_complete_move() functions in arch/x86/kernel/apic/vector.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

45) Use-after-free

EUVDB-ID: #VU90163

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-35855

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the mlxsw_sp_acl_tcam_ventry_activity_get() function in drivers/net/ethernet/mellanox/mlxsw/spectrum_acl_tcam.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

46) Resource management error

EUVDB-ID: #VU93269

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-35897

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the nf_tables_table_disable() and nf_tables_updtable() functions in net/netfilter/nf_tables_api.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

47) NULL pointer dereference

EUVDB-ID: #VU91234

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-35902

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the __rds_rdma_map() function in net/rds/rdma.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

48) Resource management error

EUVDB-ID: #VU93191

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-35913

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the iwl_mvm_rx_session_protect_notif() function in drivers/net/wireless/intel/iwlwifi/mvm/time-event.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

49) Information disclosure

EUVDB-ID: #VU91344

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-35939

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the dma_direct_alloc(), __dma_direct_free_pages() and dma_direct_alloc_pages() functions in kernel/dma/direct.c. A local user can gain access to sensitive information.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

50) Out-of-bounds read

EUVDB-ID: #VU91391

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-35949

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the __btrfs_check_leaf() and __btrfs_check_node() functions in fs/btrfs/tree-checker.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

51) NULL pointer dereference

EUVDB-ID: #VU93028

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36270

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the nf_tproxy_laddr4() function in net/ipv4/netfilter/nf_tproxy_ipv4.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

52) Improper locking

EUVDB-ID: #VU93036

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36286

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the instance_destroy_rcu() function in net/netfilter/nfnetlink_queue.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

53) Infinite loop

EUVDB-ID: #VU93062

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36288

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an infinite loop within the gss_read_proxy_verf() function in net/sunrpc/auth_gss/svcauth_gss.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

54) NULL pointer dereference

EUVDB-ID: #VU93030

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36489

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the tls_ctx_create() function in net/tls/tls_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

55) Input validation error

EUVDB-ID: #VU90847

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36881

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the userfaultfd_release() function in fs/userfaultfd.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

56) NULL pointer dereference

EUVDB-ID: #VU90381

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36907

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the xs_tcp_tls_setup_socket() function in net/sunrpc/xprtsock.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

57) Improper error handling

EUVDB-ID: #VU93449

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36929

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the skb_alloc_rx_flag() and skb_copy_expand() functions in net/core/skbuff.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

58) Use of uninitialized resource

EUVDB-ID: #VU90862

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36933

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to the use of an uninitialized resource within the EXPORT_SYMBOL_GPL() and nsh_gso_segment() functions in net/nsh/nsh.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

59) Improper error handling

EUVDB-ID: #VU92054

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36939

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the nfs_net_init() function in fs/nfs/inode.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

60) Improper locking

EUVDB-ID: #VU91562

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36970

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the iwl_req_fw_callback() function in drivers/net/wireless/intel/iwlwifi/iwl-drv.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

61) Use-after-free

EUVDB-ID: #VU92305

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36979

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the br_mst_vlan_set_state() and br_mst_set_state() functions in net/bridge/br_mst.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

62) NULL pointer dereference

EUVDB-ID: #VU92349

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38548

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the cdns_mhdp_atomic_enable() function in drivers/gpu/drm/bridge/cadence/cdns-mhdp8546-core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

63) Memory leak

EUVDB-ID: #VU92295

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38563

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the mt7996_mcu_get_temperature() function in drivers/net/wireless/mediatek/mt76/mt7996/mcu.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

64) NULL pointer dereference

EUVDB-ID: #VU93007

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38609

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the __mt76_connac_mcu_alloc_sta_req() function in drivers/net/wireless/mediatek/mt76/mt76_connac_mcu.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

65) Improper locking

EUVDB-ID: #VU93033

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38662

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the may_update_sockmap() and check_map_func_compatibility() functions in kernel/bpf/verifier.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

66) Improper locking

EUVDB-ID: #VU93824

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-39476

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the raid5d() function in drivers/md/raid5.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

67) Improper locking

EUVDB-ID: #VU93825

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-39483

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the svm_enable_nmi_window() function in arch/x86/kvm/svm/svm.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

68) Memory leak

EUVDB-ID: #VU93818

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-39484

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the davinci_mmcsd_remove() and __exit_p() functions in drivers/mmc/host/davinci_mmc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

69) Use-after-free

EUVDB-ID: #VU93834

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-39486

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the drm_file_update_pid() function in drivers/gpu/drm/drm_file.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

70) Improper error handling

EUVDB-ID: #VU94087

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-39488

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling in arch/arm64/include/asm/asm-bug.h. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

71) Memory leak

EUVDB-ID: #VU94084

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-39489

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the seg6_hmac_init_algo() and seg6_hmac_net_init() functions in net/ipv6/seg6_hmac.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

72) Improper error handling

EUVDB-ID: #VU94088

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-39491

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the cs35l56_hda_unbind(), cs35l56_hda_common_probe() and cs35l56_hda_remove() functions in sound/pci/hda/cs35l56_hda.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

73) Memory leak

EUVDB-ID: #VU94086

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-39493

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the adf_device_reset_worker() and adf_dev_aer_schedule_reset() functions in drivers/crypto/qat/qat_common/adf_aer.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

74) Buffer overflow

EUVDB-ID: #VU94313

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-39497

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the drm_gem_shmem_mmap() function in drivers/gpu/drm/drm_gem_shmem_helper.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

75) Memory leak

EUVDB-ID: #VU94201

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-39499

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the event_deliver() function in drivers/misc/vmw_vmci/vmci_event.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

76) NULL pointer dereference

EUVDB-ID: #VU94262

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-39500

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the sock_map_close() function in net/core/sock_map.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2

kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2

kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2

kernel-rt_debug: before 6.4.0-150600.10.8.3

kernel-rt: before 6.4.0-150600.10.8.3

kernel-source-rt: before 6.4.0-150600.10.8.3

kernel-devel-rt: before 6.4.0-150600.10.8.3

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel: before 6.4.0-150600.10.8.3

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso: before 6.4.0-150600.10.8.3

kernel-syms-rt: before 6.4.0-150600.10.8.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-optional: before 6.4.0-150600.10.8.3

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt: before 6.4.0-150600.10.8.3

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-debugsource: before 6.4.0-150600.10.8.3

dlm-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3

kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3

gfs2-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-extra: before 6.4.0-150600.10.8.3

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3

kselftests-kmp-rt: before 6.4.0-150600.10.8.3

kernel-rt-devel: before 6.4.0-150600.10.8.3

kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3

kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
