Risk | Low |
Patch available | YES |
Number of vulnerabilities | 393 |
CVE-ID | CVE-2023-52489 CVE-2023-52581 CVE-2023-52668 CVE-2023-52688 CVE-2023-52756 CVE-2023-52766 CVE-2023-52800 CVE-2023-52802 CVE-2023-52859 CVE-2023-52885 CVE-2023-52886 CVE-2023-52887 CVE-2023-52889 CVE-2024-26590 CVE-2024-26631 CVE-2024-26637 CVE-2024-26668 CVE-2024-26669 CVE-2024-26677 CVE-2024-26682 CVE-2024-26683 CVE-2024-26735 CVE-2024-26758 CVE-2024-26767 CVE-2024-26808 CVE-2024-26809 CVE-2024-26812 CVE-2024-26835 CVE-2024-26837 CVE-2024-26849 CVE-2024-26851 CVE-2024-26889 CVE-2024-26920 CVE-2024-26976 CVE-2024-27010 CVE-2024-27011 CVE-2024-27024 CVE-2024-27049 CVE-2024-27050 CVE-2024-27079 CVE-2024-27403 CVE-2024-27433 CVE-2024-27437 CVE-2024-31076 CVE-2024-35855 CVE-2024-35897 CVE-2024-35902 CVE-2024-35913 CVE-2024-35939 CVE-2024-35949 CVE-2024-36270 CVE-2024-36286 CVE-2024-36288 CVE-2024-36489 CVE-2024-36881 CVE-2024-36907 CVE-2024-36929 CVE-2024-36933 CVE-2024-36939 CVE-2024-36970 CVE-2024-36979 CVE-2024-38548 CVE-2024-38563 CVE-2024-38609 CVE-2024-38662 CVE-2024-39476 CVE-2024-39483 CVE-2024-39484 CVE-2024-39486 CVE-2024-39488 CVE-2024-39489 CVE-2024-39491 CVE-2024-39493 CVE-2024-39497 CVE-2024-39499 CVE-2024-39500 CVE-2024-39501 CVE-2024-39505 CVE-2024-39506 CVE-2024-39508 CVE-2024-39509 CVE-2024-39510 CVE-2024-40899 CVE-2024-40900 CVE-2024-40902 CVE-2024-40903 CVE-2024-40904 CVE-2024-40905 CVE-2024-40909 CVE-2024-40910 CVE-2024-40911 CVE-2024-40912 CVE-2024-40913 CVE-2024-40916 CVE-2024-40920 CVE-2024-40921 CVE-2024-40922 CVE-2024-40924 CVE-2024-40926 CVE-2024-40927 CVE-2024-40929 CVE-2024-40930 CVE-2024-40932 CVE-2024-40934 CVE-2024-40936 CVE-2024-40938 CVE-2024-40939 CVE-2024-40941 CVE-2024-40942 CVE-2024-40943 CVE-2024-40944 CVE-2024-40945 CVE-2024-40954 CVE-2024-40956 CVE-2024-40957 CVE-2024-40958 CVE-2024-40959 CVE-2024-40962 CVE-2024-40964 CVE-2024-40967 CVE-2024-40976 CVE-2024-40977 CVE-2024-40978 CVE-2024-40981 CVE-2024-40982 CVE-2024-40984 CVE-2024-40987 CVE-2024-40988 CVE-2024-40989 CVE-2024-40990 CVE-2024-40992 CVE-2024-40994 CVE-2024-40995 CVE-2024-40997 CVE-2024-41000 CVE-2024-41001 CVE-2024-41002 CVE-2024-41004 CVE-2024-41007 CVE-2024-41009 CVE-2024-41010 CVE-2024-41011 CVE-2024-41012 CVE-2024-41015 CVE-2024-41016 CVE-2024-41020 CVE-2024-41022 CVE-2024-41024 CVE-2024-41025 CVE-2024-41028 CVE-2024-41032 CVE-2024-41035 CVE-2024-41036 CVE-2024-41037 CVE-2024-41038 CVE-2024-41039 CVE-2024-41040 CVE-2024-41041 CVE-2024-41044 CVE-2024-41045 CVE-2024-41048 CVE-2024-41049 CVE-2024-41050 CVE-2024-41051 CVE-2024-41056 CVE-2024-41057 CVE-2024-41058 CVE-2024-41059 CVE-2024-41060 CVE-2024-41061 CVE-2024-41062 CVE-2024-41063 CVE-2024-41064 CVE-2024-41065 CVE-2024-41066 CVE-2024-41068 CVE-2024-41069 CVE-2024-41070 CVE-2024-41071 CVE-2024-41072 CVE-2024-41073 CVE-2024-41074 CVE-2024-41075 CVE-2024-41076 CVE-2024-41078 CVE-2024-41079 CVE-2024-41080 CVE-2024-41081 CVE-2024-41084 CVE-2024-41087 CVE-2024-41088 CVE-2024-41089 CVE-2024-41092 CVE-2024-41093 CVE-2024-41094 CVE-2024-41095 CVE-2024-41096 CVE-2024-41097 CVE-2024-41098 CVE-2024-42064 CVE-2024-42069 CVE-2024-42070 CVE-2024-42073 CVE-2024-42074 CVE-2024-42076 CVE-2024-42077 CVE-2024-42079 CVE-2024-42080 CVE-2024-42082 CVE-2024-42085 CVE-2024-42086 CVE-2024-42087 CVE-2024-42089 CVE-2024-42090 CVE-2024-42092 CVE-2024-42093 CVE-2024-42095 CVE-2024-42096 CVE-2024-42097 CVE-2024-42098 CVE-2024-42101 CVE-2024-42104 CVE-2024-42105 CVE-2024-42106 CVE-2024-42107 CVE-2024-42109 CVE-2024-42110 CVE-2024-42113 CVE-2024-42114 CVE-2024-42115 CVE-2024-42117 CVE-2024-42119 CVE-2024-42120 CVE-2024-42121 CVE-2024-42122 CVE-2024-42124 CVE-2024-42125 CVE-2024-42126 CVE-2024-42127 CVE-2024-42130 CVE-2024-42131 CVE-2024-42132 CVE-2024-42133 CVE-2024-42136 CVE-2024-42137 CVE-2024-42138 CVE-2024-42139 CVE-2024-42141 CVE-2024-42142 CVE-2024-42143 CVE-2024-42144 CVE-2024-42145 CVE-2024-42147 CVE-2024-42148 CVE-2024-42152 CVE-2024-42153 CVE-2024-42155 CVE-2024-42156 CVE-2024-42157 CVE-2024-42158 CVE-2024-42159 CVE-2024-42161 CVE-2024-42162 CVE-2024-42223 CVE-2024-42224 CVE-2024-42225 CVE-2024-42226 CVE-2024-42227 CVE-2024-42228 CVE-2024-42229 CVE-2024-42230 CVE-2024-42232 CVE-2024-42236 CVE-2024-42237 CVE-2024-42238 CVE-2024-42239 CVE-2024-42240 CVE-2024-42241 CVE-2024-42244 CVE-2024-42245 CVE-2024-42246 CVE-2024-42247 CVE-2024-42250 CVE-2024-42253 CVE-2024-42259 CVE-2024-42268 CVE-2024-42269 CVE-2024-42270 CVE-2024-42271 CVE-2024-42274 CVE-2024-42276 CVE-2024-42277 CVE-2024-42278 CVE-2024-42279 CVE-2024-42280 CVE-2024-42281 CVE-2024-42283 CVE-2024-42284 CVE-2024-42285 CVE-2024-42286 CVE-2024-42287 CVE-2024-42288 CVE-2024-42289 CVE-2024-42290 CVE-2024-42291 CVE-2024-42292 CVE-2024-42295 CVE-2024-42298 CVE-2024-42301 CVE-2024-42302 CVE-2024-42303 CVE-2024-42308 CVE-2024-42309 CVE-2024-42310 CVE-2024-42311 CVE-2024-42312 CVE-2024-42313 CVE-2024-42314 CVE-2024-42315 CVE-2024-42316 CVE-2024-42318 CVE-2024-42319 CVE-2024-42320 CVE-2024-42322 CVE-2024-43816 CVE-2024-43817 CVE-2024-43818 CVE-2024-43819 CVE-2024-43821 CVE-2024-43823 CVE-2024-43824 CVE-2024-43825 CVE-2024-43826 CVE-2024-43829 CVE-2024-43830 CVE-2024-43831 CVE-2024-43833 CVE-2024-43834 CVE-2024-43837 CVE-2024-43839 CVE-2024-43840 CVE-2024-43841 CVE-2024-43842 CVE-2024-43846 CVE-2024-43847 CVE-2024-43849 CVE-2024-43850 CVE-2024-43851 CVE-2024-43853 CVE-2024-43854 CVE-2024-43855 CVE-2024-43856 CVE-2024-43858 CVE-2024-43860 CVE-2024-43861 CVE-2024-43863 CVE-2024-43864 CVE-2024-43866 CVE-2024-43867 CVE-2024-43871 CVE-2024-43872 CVE-2024-43873 CVE-2024-43874 CVE-2024-43875 CVE-2024-43876 CVE-2024-43877 CVE-2024-43879 CVE-2024-43880 CVE-2024-43881 CVE-2024-43882 CVE-2024-43883 CVE-2024-43884 CVE-2024-43885 CVE-2024-43889 CVE-2024-43892 CVE-2024-43893 CVE-2024-43894 CVE-2024-43895 CVE-2024-43897 CVE-2024-43899 CVE-2024-43900 CVE-2024-43902 CVE-2024-43903 CVE-2024-43905 CVE-2024-43906 CVE-2024-43907 CVE-2024-43908 CVE-2024-43909 CVE-2024-43911 CVE-2024-43912 CVE-2024-44931 CVE-2024-44938 CVE-2024-44939 |
CWE-ID | CWE-362 CWE-401 CWE-667 CWE-119 CWE-125 CWE-416 CWE-476 CWE-388 CWE-366 CWE-20 CWE-190 CWE-399 CWE-835 CWE-825 CWE-404 CWE-908 CWE-191 CWE-415 CWE-200 CWE-843 CWE-617 CWE-682 CWE-369 |
Exploitation vector | Local |
Public exploit | N/A |
Vulnerable software |
SUSE Real Time Module Operating systems & Components / Operating system SUSE Linux Enterprise Live Patching Operating systems & Components / Operating system SUSE Linux Enterprise Real Time 15 Operating systems & Components / Operating system openSUSE Leap Operating systems & Components / Operating system SUSE Linux Enterprise Server for SAP Applications 15 Operating systems & Components / Operating system SUSE Linux Enterprise Server 15 Operating systems & Components / Operating system kernel-livepatch-6_4_0-150600_10_8-rt Operating systems & Components / Operating system package or component kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo Operating systems & Components / Operating system package or component kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource Operating systems & Components / Operating system package or component kernel-rt_debug Operating systems & Components / Operating system package or component kernel-rt Operating systems & Components / Operating system package or component kernel-source-rt Operating systems & Components / Operating system package or component kernel-devel-rt Operating systems & Components / Operating system package or component kselftests-kmp-rt-debuginfo Operating systems & Components / Operating system package or component kernel-rt-extra-debuginfo Operating systems & Components / Operating system package or component reiserfs-kmp-rt Operating systems & Components / Operating system package or component kernel-rt_debug-devel Operating systems & Components / Operating system package or component kernel-rt-devel-debuginfo Operating systems & Components / Operating system package or component reiserfs-kmp-rt-debuginfo Operating systems & Components / Operating system package or component kernel-rt_debug-devel-debuginfo Operating systems & Components / Operating system package or component gfs2-kmp-rt-debuginfo Operating systems & Components / Operating system package or component kernel-rt-optional-debuginfo Operating systems & Components / Operating system package or component cluster-md-kmp-rt Operating systems & Components / Operating system package or component kernel-rt_debug-debuginfo Operating systems & Components / Operating system package or component kernel-rt-vdso Operating systems & Components / Operating system package or component kernel-syms-rt Operating systems & Components / Operating system package or component kernel-rt_debug-vdso-debuginfo Operating systems & Components / Operating system package or component kernel-rt-optional Operating systems & Components / Operating system package or component cluster-md-kmp-rt-debuginfo Operating systems & Components / Operating system package or component ocfs2-kmp-rt Operating systems & Components / Operating system package or component dlm-kmp-rt-debuginfo Operating systems & Components / Operating system package or component kernel-rt-debugsource Operating systems & Components / Operating system package or component dlm-kmp-rt Operating systems & Components / Operating system package or component kernel-rt-debuginfo Operating systems & Components / Operating system package or component kernel-rt-vdso-debuginfo Operating systems & Components / Operating system package or component kernel-rt_debug-debugsource Operating systems & Components / Operating system package or component gfs2-kmp-rt Operating systems & Components / Operating system package or component kernel-rt-extra Operating systems & Components / Operating system package or component kernel-rt_debug-livepatch-devel Operating systems & Components / Operating system package or component ocfs2-kmp-rt-debuginfo Operating systems & Components / Operating system package or component kselftests-kmp-rt Operating systems & Components / Operating system package or component kernel-rt-devel Operating systems & Components / Operating system package or component kernel-rt-livepatch-devel Operating systems & Components / Operating system package or component kernel-rt_debug-vdso Operating systems & Components / Operating system package or component |
Vendor | SUSE |
Security Bulletin
This security bulletin contains information about 393 vulnerabilities.
EUVDB-ID: #VU89388
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52489
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the section_deactivate() function in mm/sparse.c. A local user can exploit the race and escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89385
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52581
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform DoS attack on the target system.
The vulnerability exists due memory leak within the nft_trans_gc_space() function in net/netfilter/nf_tables_api.c. A local user can force the system to leak memory and perform denial of service attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91517
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52668
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the btrfs_zone_activate() function in fs/btrfs/zoned.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93803
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52688
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the ath12k_core_qmi_firmware_ready() function in drivers/net/wireless/ath/ath12k/core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91307
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52756
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the include/linux/pwm.h. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91086
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52766
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the hci_dma_irq_handler() function in drivers/i3c/master/mipi-i3c-hci/dma.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90071
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52800
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ath11k_htt_pktlog() function in drivers/net/wireless/ath/ath11k/dp_rx.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90536
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52802
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the stm32_adc_probe() function in drivers/iio/adc/stm32-adc-core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90081
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52859
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the hisi_sllc_pmu_probe() function in drivers/perf/hisilicon/hisi_uncore_sllc_pmu.c, within the hisi_pa_pmu_probe() function in drivers/perf/hisilicon/hisi_uncore_pa_pmu.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94326
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52885
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the svc_tcp_listen_data_ready() function in net/sunrpc/svcsock.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94434
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52886
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the get_bMaxPacketSize0(), hub_port_init(), hub_port_connect() and usb_reset_and_verify_device() functions in drivers/usb/core/hub.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU95018
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52887
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the j1939_xtp_rx_rts_session_new() function in net/can/j1939/transport.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96132
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52889
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the apparmor_socket_sock_rcv_skb() function in security/apparmor/lsm.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90663
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26590
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the z_erofs_do_map_blocks() function in fs/erofs/zmap.c, within the z_erofs_parse_cfgs() function in fs/erofs/decompressor.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91436
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26631
CWE-ID:
CWE-366 - Race Condition within a Thread
Exploit availability: No
DescriptionThe vulnerability allows a local user to manipulate data.
The vulnerability exists due to a data race within the ipv6_mc_down() function in net/ipv6/mcast.c. A local user can manipulate data.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93692
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26637
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ath11k_mac_op_add_interface() and ath11k_mac_txpower_recalc() functions in drivers/net/wireless/ath/ath11k/mac.c, within the ath11k_debugfs_add_interface() function in drivers/net/wireless/ath/ath11k/debugfs.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91180
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26668
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the nft_limit_eval() and nft_limit_init() functions in net/netfilter/nft_limit.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90010
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26669
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the fl_tmplt_destroy() function in net/sched/cls_flower.c, within the tcf_block_playback_offloads() and tc_chain_tmplt_add() functions in net/sched/cls_api.c, within the void() function in include/net/sch_generic.h. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94139
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26677
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the rxrpc_propose_delay_ACK(), rxrpc_send_initial_ping() and rxrpc_input_call_event() functions in net/rxrpc/call_event.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94141
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26682
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ieee80211_mgd_csa_present(), ieee80211_mgd_auth() and ieee80211_mgd_assoc() functions in net/mac80211/mlme.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93177
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26683
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the cfg80211_update_hidden_bsses() and cfg80211_update_known_bss() functions in net/wireless/scan.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90215
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26735
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the seg6_init() function in net/ipv6/seg6.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93873
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26758
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources in drivers/md/md.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91415
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26767
CWE-ID:
CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the link_validate_dpia_bandwidth() function in drivers/gpu/drm/amd/display/dc/link/link_validation.c, within the get_firmware_info_v3_2(), get_integrated_info_v11(), get_integrated_info_v2_1() and get_integrated_info_v2_2() functions in drivers/gpu/drm/amd/display/dc/bios/bios_parser2.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93809
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26808
CWE-ID:
CWE-825 - Expired pointer dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a stale reference within the nf_tables_netdev_event() function in net/netfilter/nft_chain_filter.c. A local user can perform a denial of service (DoS) attack.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93747
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26809
CWE-ID:
CWE-404 - Improper Resource Shutdown or Release
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to failure to properly release resources within the nft_pipapo_destroy() function in net/netfilter/nft_set_pipapo.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91529
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26812
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the vfio_send_intx_eventfd(), vfio_intx_handler() and vfio_pci_set_intx_trigger() functions in drivers/vfio/pci/vfio_pci_intrs.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93772
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26835
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the nf_tables_updtable() function in net/netfilter/nf_tables_api.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92039
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26837
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the switchdev_obj_eq() and switchdev_port_obj_del() functions in net/switchdev/switchdev.c, within the br_switchdev_mdb_replay_one() and br_switchdev_mdb_replay() functions in net/bridge/br_switchdev.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90875
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26849
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the sizeof() function in lib/nlattr.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91096
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26851
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the decode_seq() function in net/netfilter/nf_conntrack_h323_asn1.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91312
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26889
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the hci_get_dev_info() function in net/bluetooth/hci_core.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93805
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26920
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the register_snapshot_trigger() function in kernel/trace/trace_events_trigger.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90774
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26976
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the async_pf_execute(), kvm_clear_async_pf_completion_queue(), kvm_check_async_pf_completion() and kvm_setup_async_pf() functions in virt/kvm/async_pf.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90769
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27010
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the qdisc_alloc() function in net/sched/sch_generic.c, within the qdisc_run_end() function in net/core/dev.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90463
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27011
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nft_data_hold() and __nf_tables_abort() functions in net/netfilter/nf_tables_api.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93841
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27024
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the rds_sendmsg() function in net/rds/send.c, within the __rds_rdma_map() function in net/rds/rdma.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90179
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27049
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mt7925_pci_remove() function in drivers/net/wireless/mediatek/mt76/mt7925/pci.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91094
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27050
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the bpf_xdp_query() function in tools/lib/bpf/netlink.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90518
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27079
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the intel_pasid_setup_nested() function in drivers/iommu/intel/pasid.c, within the domain_context_clear() and intel_iommu_release_device() functions in drivers/iommu/intel/iommu.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91669
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27403
CWE-ID:
CWE-191 - Integer underflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the flow_offload_dst_cookie() and nft_flow_dst_release() functions in net/netfilter/nf_flow_table_core.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90924
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27433
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the clk_mt7622_apmixed_remove() function in drivers/clk/mediatek/clk-mt7622-apmixedsys.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93202
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27437
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the vfio_intx_set_signal() function in drivers/vfio/pci/vfio_pci_intrs.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93016
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-31076
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the migrate_one_irq() function in kernel/irq/cpuhotplug.c, within the __send_cleanup_vector(), irq_complete_move() and irq_force_complete_move() functions in arch/x86/kernel/apic/vector.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90163
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-35855
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mlxsw_sp_acl_tcam_ventry_activity_get() function in drivers/net/ethernet/mellanox/mlxsw/spectrum_acl_tcam.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93269
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-35897
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the nf_tables_table_disable() and nf_tables_updtable() functions in net/netfilter/nf_tables_api.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91234
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-35902
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the __rds_rdma_map() function in net/rds/rdma.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93191
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-35913
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the iwl_mvm_rx_session_protect_notif() function in drivers/net/wireless/intel/iwlwifi/mvm/time-event.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91344
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-35939
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the dma_direct_alloc(), __dma_direct_free_pages() and dma_direct_alloc_pages() functions in kernel/dma/direct.c. A local user can gain access to sensitive information.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91391
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-35949
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the __btrfs_check_leaf() and __btrfs_check_node() functions in fs/btrfs/tree-checker.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93028
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-36270
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nf_tproxy_laddr4() function in net/ipv4/netfilter/nf_tproxy_ipv4.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93036
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-36286
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the instance_destroy_rcu() function in net/netfilter/nfnetlink_queue.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93062
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-36288
CWE-ID:
CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the gss_read_proxy_verf() function in net/sunrpc/auth_gss/svcauth_gss.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93030
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-36489
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the tls_ctx_create() function in net/tls/tls_main.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90847
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-36881
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the userfaultfd_release() function in fs/userfaultfd.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90381
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-36907
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the xs_tcp_tls_setup_socket() function in net/sunrpc/xprtsock.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93449
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-36929
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the skb_alloc_rx_flag() and skb_copy_expand() functions in net/core/skbuff.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90862
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-36933
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the EXPORT_SYMBOL_GPL() and nsh_gso_segment() functions in net/nsh/nsh.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92054
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-36939
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the nfs_net_init() function in fs/nfs/inode.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91562
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-36970
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the iwl_req_fw_callback() function in drivers/net/wireless/intel/iwlwifi/iwl-drv.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92305
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-36979
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the br_mst_vlan_set_state() and br_mst_set_state() functions in net/bridge/br_mst.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92349
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-38548
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the cdns_mhdp_atomic_enable() function in drivers/gpu/drm/bridge/cadence/cdns-mhdp8546-core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92295
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-38563
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mt7996_mcu_get_temperature() function in drivers/net/wireless/mediatek/mt76/mt7996/mcu.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93007
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-38609
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the __mt76_connac_mcu_alloc_sta_req() function in drivers/net/wireless/mediatek/mt76/mt76_connac_mcu.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93033
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-38662
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the may_update_sockmap() and check_map_func_compatibility() functions in kernel/bpf/verifier.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93824
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-39476
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the raid5d() function in drivers/md/raid5.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93825
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-39483
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the svm_enable_nmi_window() function in arch/x86/kvm/svm/svm.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93818
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-39484
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the davinci_mmcsd_remove() and __exit_p() functions in drivers/mmc/host/davinci_mmc.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93834
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-39486
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the drm_file_update_pid() function in drivers/gpu/drm/drm_file.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94087
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-39488
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the arch/arm64/include/asm/asm-bug.h. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94084
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-39489
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the seg6_hmac_init_algo() and seg6_hmac_net_init() functions in net/ipv6/seg6_hmac.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94088
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-39491
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the cs35l56_hda_unbind(), cs35l56_hda_common_probe() and cs35l56_hda_remove() functions in sound/pci/hda/cs35l56_hda.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94086
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-39493
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the adf_device_reset_worker() and adf_dev_aer_schedule_reset() functions in drivers/crypto/qat/qat_common/adf_aer.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94313
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-39497
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the drm_gem_shmem_mmap() function in drivers/gpu/drm/drm_gem_shmem_helper.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94201
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-39499
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the event_deliver() function in drivers/misc/vmw_vmci/vmci_event.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243195-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94262
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-39500
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the sock_map_close() function in net/core/sock_map.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_8-rt: before 1-150600.1.3.2
kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo: before 1-150600.1.3.2
kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource: before 1-150600.1.3.2
kernel-rt_debug: before 6.4.0-150600.10.8.3
kernel-rt: before 6.4.0-150600.10.8.3
kernel-source-rt: before 6.4.0-150600.10.8.3
kernel-devel-rt: before 6.4.0-150600.10.8.3
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel: before 6.4.0-150600.10.8.3
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.8.3
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.8.3
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso: before 6.4.0-150600.10.8.3
kernel-syms-rt: before 6.4.0-150600.10.8.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-optional: before 6.4.0-150600.10.8.3
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt: before 6.4.0-150600.10.8.3
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-debugsource: before 6.4.0-150600.10.8.3
dlm-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.8.3
kernel-rt_debug-debugsource: before 6.4.0-150600.10.8.3
gfs2-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-extra: before 6.4.0-150600.10.8.3
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.8.3
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.8.3
kselftests-kmp-rt: before 6.4.0-150600.10.8.3
kernel-rt-devel: before 6.4.0-150600.10.8.3
kernel-rt-livepatch-devel: before 6.4.0-150600.10.8.3
kernel-rt_debug-vdso: before 6.4.0-150600.10.8.3
CPE2.3