Risk | Medium |
Patch available | YES |
Number of vulnerabilities | 292 |
CVE-ID | CVE-2021-4441 CVE-2021-47106 CVE-2021-47517 CVE-2021-47546 CVE-2022-38457 CVE-2022-40133 CVE-2022-48645 CVE-2022-48706 CVE-2022-48808 CVE-2022-48865 CVE-2022-48868 CVE-2022-48869 CVE-2022-48870 CVE-2022-48871 CVE-2022-48872 CVE-2022-48873 CVE-2022-48875 CVE-2022-48878 CVE-2022-48880 CVE-2022-48881 CVE-2022-48882 CVE-2022-48883 CVE-2022-48884 CVE-2022-48885 CVE-2022-48886 CVE-2022-48887 CVE-2022-48888 CVE-2022-48889 CVE-2022-48890 CVE-2022-48891 CVE-2022-48893 CVE-2022-48896 CVE-2022-48898 CVE-2022-48899 CVE-2022-48903 CVE-2022-48904 CVE-2022-48905 CVE-2022-48906 CVE-2022-48907 CVE-2022-48909 CVE-2022-48910 CVE-2022-48912 CVE-2022-48913 CVE-2022-48914 CVE-2022-48915 CVE-2022-48916 CVE-2022-48917 CVE-2022-48918 CVE-2022-48919 CVE-2022-48920 CVE-2022-48921 CVE-2022-48923 CVE-2022-48924 CVE-2022-48925 CVE-2022-48926 CVE-2022-48927 CVE-2022-48928 CVE-2022-48929 CVE-2022-48930 CVE-2022-48931 CVE-2022-48932 CVE-2022-48934 CVE-2022-48937 CVE-2022-48938 CVE-2022-48939 CVE-2022-48940 CVE-2022-48941 CVE-2022-48942 CVE-2022-48943 CVE-2023-3610 CVE-2023-52458 CVE-2023-52489 CVE-2023-52498 CVE-2023-52581 CVE-2023-52859 CVE-2023-52887 CVE-2023-52889 CVE-2023-52893 CVE-2023-52894 CVE-2023-52896 CVE-2023-52898 CVE-2023-52899 CVE-2023-52900 CVE-2023-52901 CVE-2023-52904 CVE-2023-52905 CVE-2023-52906 CVE-2023-52907 CVE-2023-52908 CVE-2023-52909 CVE-2023-52910 CVE-2023-52911 CVE-2023-52912 CVE-2023-52913 CVE-2024-26631 CVE-2024-26668 CVE-2024-26669 CVE-2024-26677 CVE-2024-26735 CVE-2024-26808 CVE-2024-26812 CVE-2024-26835 CVE-2024-26851 CVE-2024-27010 CVE-2024-27011 CVE-2024-27016 CVE-2024-27024 CVE-2024-27079 CVE-2024-27403 CVE-2024-31076 CVE-2024-35897 CVE-2024-35902 CVE-2024-35945 CVE-2024-35971 CVE-2024-36009 CVE-2024-36013 CVE-2024-36270 CVE-2024-36286 CVE-2024-36489 CVE-2024-36929 CVE-2024-36933 CVE-2024-36936 CVE-2024-36962 CVE-2024-38554 CVE-2024-38602 CVE-2024-38662 CVE-2024-39489 CVE-2024-40905 CVE-2024-40978 CVE-2024-40980 CVE-2024-40995 CVE-2024-41000 CVE-2024-41007 CVE-2024-41009 CVE-2024-41011 CVE-2024-41016 CVE-2024-41020 CVE-2024-41022 CVE-2024-41035 CVE-2024-41036 CVE-2024-41038 CVE-2024-41039 CVE-2024-41042 CVE-2024-41045 CVE-2024-41056 CVE-2024-41060 CVE-2024-41062 CVE-2024-41065 CVE-2024-41068 CVE-2024-41073 CVE-2024-41079 CVE-2024-41080 CVE-2024-41087 CVE-2024-41088 CVE-2024-41089 CVE-2024-41092 CVE-2024-41093 CVE-2024-41095 CVE-2024-41097 CVE-2024-41098 CVE-2024-42069 CVE-2024-42074 CVE-2024-42076 CVE-2024-42077 CVE-2024-42080 CVE-2024-42082 CVE-2024-42085 CVE-2024-42086 CVE-2024-42087 CVE-2024-42089 CVE-2024-42090 CVE-2024-42092 CVE-2024-42095 CVE-2024-42097 CVE-2024-42098 CVE-2024-42101 CVE-2024-42104 CVE-2024-42106 CVE-2024-42107 CVE-2024-42110 CVE-2024-42114 CVE-2024-42115 CVE-2024-42119 CVE-2024-42120 CVE-2024-42121 CVE-2024-42126 CVE-2024-42127 CVE-2024-42130 CVE-2024-42137 CVE-2024-42139 CVE-2024-42142 CVE-2024-42143 CVE-2024-42148 CVE-2024-42152 CVE-2024-42155 CVE-2024-42156 CVE-2024-42157 CVE-2024-42158 CVE-2024-42162 CVE-2024-42223 CVE-2024-42225 CVE-2024-42228 CVE-2024-42229 CVE-2024-42230 CVE-2024-42232 CVE-2024-42236 CVE-2024-42237 CVE-2024-42238 CVE-2024-42239 CVE-2024-42240 CVE-2024-42244 CVE-2024-42246 CVE-2024-42247 CVE-2024-42268 CVE-2024-42271 CVE-2024-42274 CVE-2024-42276 CVE-2024-42277 CVE-2024-42280 CVE-2024-42281 CVE-2024-42283 CVE-2024-42284 CVE-2024-42285 CVE-2024-42286 CVE-2024-42287 CVE-2024-42288 CVE-2024-42289 CVE-2024-42291 CVE-2024-42292 CVE-2024-42295 CVE-2024-42301 CVE-2024-42302 CVE-2024-42308 CVE-2024-42309 CVE-2024-42310 CVE-2024-42311 CVE-2024-42312 CVE-2024-42313 CVE-2024-42315 CVE-2024-42318 CVE-2024-42319 CVE-2024-42320 CVE-2024-42322 CVE-2024-43816 CVE-2024-43818 CVE-2024-43819 CVE-2024-43821 CVE-2024-43823 CVE-2024-43829 CVE-2024-43830 CVE-2024-43831 CVE-2024-43834 CVE-2024-43837 CVE-2024-43839 CVE-2024-43841 CVE-2024-43842 CVE-2024-43846 CVE-2024-43849 CVE-2024-43853 CVE-2024-43854 CVE-2024-43856 CVE-2024-43858 CVE-2024-43860 CVE-2024-43861 CVE-2024-43863 CVE-2024-43866 CVE-2024-43867 CVE-2024-43871 CVE-2024-43872 CVE-2024-43873 CVE-2024-43879 CVE-2024-43880 CVE-2024-43882 CVE-2024-43883 CVE-2024-43884 CVE-2024-43889 CVE-2024-43892 CVE-2024-43893 CVE-2024-43894 CVE-2024-43895 CVE-2024-43899 CVE-2024-43900 CVE-2024-43902 CVE-2024-43903 CVE-2024-43904 CVE-2024-43905 CVE-2024-43907 CVE-2024-43908 CVE-2024-43909 CVE-2024-44938 CVE-2024-44939 CVE-2024-44947 |
CWE-ID | CWE-476 CWE-416 CWE-401 CWE-362 CWE-125 CWE-388 CWE-667 CWE-119 CWE-399 CWE-20 CWE-617 CWE-366 CWE-190 CWE-825 CWE-191 CWE-682 CWE-908 CWE-415 CWE-835 CWE-369 |
Exploitation vector | Network |
Public exploit | Public exploit code for vulnerability #292 is available. |
Vulnerable software |
openSUSE Leap Micro Operating systems & Components / Operating system SUSE Linux Enterprise Micro Operating systems & Components / Operating system SUSE Real Time Module Operating systems & Components / Operating system SUSE Linux Enterprise Live Patching Operating systems & Components / Operating system SUSE Linux Enterprise Server for SAP Applications 15 Operating systems & Components / Operating system SUSE Linux Enterprise Server 15 Operating systems & Components / Operating system SUSE Linux Enterprise Real Time 15 Operating systems & Components / Operating system SUSE Linux Enterprise High Performance Computing 15 Operating systems & Components / Operating system openSUSE Leap Operating systems & Components / Operating system kernel-rt_debug-livepatch-devel Operating systems & Components / Operating system package or component kernel-rt-optional-debuginfo Operating systems & Components / Operating system package or component kernel-rt-optional Operating systems & Components / Operating system package or component kernel-rt-extra Operating systems & Components / Operating system package or component reiserfs-kmp-rt-debuginfo Operating systems & Components / Operating system package or component kernel-rt-livepatch Operating systems & Components / Operating system package or component reiserfs-kmp-rt Operating systems & Components / Operating system package or component kselftests-kmp-rt-debuginfo Operating systems & Components / Operating system package or component kernel-rt-livepatch-devel Operating systems & Components / Operating system package or component kselftests-kmp-rt Operating systems & Components / Operating system package or component kernel-rt-extra-debuginfo Operating systems & Components / Operating system package or component kernel-rt Operating systems & Components / Operating system package or component kernel-rt_debug Operating systems & Components / Operating system package or component kernel-source-rt Operating systems & Components / Operating system package or component kernel-devel-rt Operating systems & Components / Operating system package or component kernel-rt-devel-debuginfo Operating systems & Components / Operating system package or component kernel-rt_debug-devel Operating systems & Components / Operating system package or component kernel-rt-debuginfo Operating systems & Components / Operating system package or component kernel-rt-vdso-debuginfo Operating systems & Components / Operating system package or component cluster-md-kmp-rt-debuginfo Operating systems & Components / Operating system package or component dlm-kmp-rt-debuginfo Operating systems & Components / Operating system package or component kernel-rt_debug-debuginfo Operating systems & Components / Operating system package or component kernel-rt_debug-vdso-debuginfo Operating systems & Components / Operating system package or component kernel-rt_debug-debugsource Operating systems & Components / Operating system package or component dlm-kmp-rt Operating systems & Components / Operating system package or component ocfs2-kmp-rt-debuginfo Operating systems & Components / Operating system package or component cluster-md-kmp-rt Operating systems & Components / Operating system package or component kernel-rt_debug-devel-debuginfo Operating systems & Components / Operating system package or component kernel-rt-debugsource Operating systems & Components / Operating system package or component kernel-rt_debug-vdso Operating systems & Components / Operating system package or component gfs2-kmp-rt-debuginfo Operating systems & Components / Operating system package or component kernel-rt-vdso Operating systems & Components / Operating system package or component kernel-syms-rt Operating systems & Components / Operating system package or component gfs2-kmp-rt Operating systems & Components / Operating system package or component kernel-rt-devel Operating systems & Components / Operating system package or component ocfs2-kmp-rt Operating systems & Components / Operating system package or component kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource Operating systems & Components / Operating system package or component kernel-livepatch-5_14_21-150500_13_67-rt Operating systems & Components / Operating system package or component kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo Operating systems & Components / Operating system package or component |
Vendor | SUSE |
Security Bulletin
This security bulletin contains information about 292 vulnerabilities.
EUVDB-ID: #VU96419
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-4441
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the zynq_qspi_exec_mem_op() function in drivers/spi/spi-zynq-qspi.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90231
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47106
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nft_set_catchall_destroy() function in net/netfilter/nf_tables_api.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90053
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47517
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ethnl_ops_begin() function in net/ethtool/netlink.h. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89931
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2021-47546
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within fib6_rule_suppress() function in net/ipv4/fib_rules.c. A remote attacker can send IPv6 packets to the system, trigger memory leak and perform a denial of service (DoS) attack.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU80790
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-38457
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the vmw_cmd_res_check() function in drivers/gpu/vmxgfx/vmxgfx_execbuf.c. A local user can trigger a use-after-free error and crash the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU80794
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-40133
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the vmw_execbuf_tie_context() function in drivers/gpu/vmxgfx/vmxgfx_execbuf.c. A local user can run a specially crafted program on the system and perform a denial of service (DoS) attack.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93378
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48645
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a race condition within the enetc_vf_set_features() and enetc_vf_netdev_setup() functions in drivers/net/ethernet/freescale/enetc/enetc_vf.c, within the enetc_pf_set_features() function in drivers/net/ethernet/freescale/enetc/enetc_pf.c, within the enetc_close() and enetc_setup_tc_mqprio() functions in drivers/net/ethernet/freescale/enetc/enetc.c, within the fsl-enetc-$() function in drivers/net/ethernet/freescale/enetc/Makefile. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91622
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48706
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ifcvf_probe() function in drivers/vdpa/ifcvf/ifcvf_main.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94443
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48808
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the EXPORT_SYMBOL_GPL() and dsa_switch_shutdown() functions in net/dsa/dsa2.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94438
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48865
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the tipc_enable_bearer() function in net/tipc/bearer.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96348
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48868
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the __drv_enable_wq() function in drivers/dma/idxd/device.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96328
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48869
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the gadgetfs_init_fs_context() function in drivers/usb/gadget/legacy/inode.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96357
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48870
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the spk_ttyio_release() function in drivers/accessibility/speakup/spk_ttyio.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96338
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48871
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the get_tx_fifo_size() and qcom_geni_serial_port_setup() functions in drivers/tty/serial/qcom_geni_serial.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96329
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48872
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the fastrpc_map_put() function in drivers/misc/fastrpc.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96330
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48873
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the fastrpc_free_map(), fastrpc_buf_free() and fastrpc_device_release() functions in drivers/misc/fastrpc.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96364
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48875
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the drv_ampdu_action() function in net/mac80211/driver-ops.c, within the ieee80211_tx_ba_session_handle_start() function in net/mac80211/agg-tx.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96332
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48878
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the qca_serdev_shutdown() function in drivers/bluetooth/hci_qca.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96370
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48880
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ssam_request_sync() function in drivers/platform/surface/aggregator/controller.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96316
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48881
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the amd_pmc_probe() function in drivers/platform/x86/amd/pmc.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96354
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48882
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mlx5e_macsec_init_sa() function in drivers/net/ethernet/mellanox/mlx5/core/en_accel/macsec.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96339
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48883
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the mlx5i_pkey_dev_init() function in drivers/net/ethernet/mellanox/mlx5/core/ipoib/ipoib_vlan.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96353
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48884
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mlx5_cmd_init(), dma_pool_destroy() and mlx5_cmd_cleanup() functions in drivers/net/ethernet/mellanox/mlx5/core/cmd.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96317
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48885
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ice_gnss_tty_write() function in drivers/net/ethernet/intel/ice/ice_gnss.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96352
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48886
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ice_gnss_create_tty_driver() function in drivers/net/ethernet/intel/ice/ice_gnss.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96358
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48887
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the vmw_execbuf_rcache_update(), vmw_execbuf_res_noref_val_add(), vmw_view_res_val_add(), vmw_resource_context_res_add(), vmw_cmd_res_check(), vmw_translate_mob_ptr(), vmw_translate_guest_ptr(), vmw_cmd_set_shader(), vmw_cmd_dx_set_shader(), vmw_cmd_dx_bind_shader(), vmw_cmd_dx_bind_streamoutput(), vmw_cmd_dx_set_streamoutput() and vmw_execbuf_tie_context() functions in drivers/gpu/drm/vmwgfx/vmwgfx_execbuf.c, within the vmw_user_bo_lookup() function in drivers/gpu/drm/vmwgfx/vmwgfx_bo.c, within the ttm_base_object_unref() and ttm_base_object_lookup() functions in drivers/gpu/drm/vmwgfx/ttm_object.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96318
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48888
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the msm_mdss_parse_data_bus_icc_path() function in drivers/gpu/drm/msm/msm_mdss.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96367
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48889
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the SOF_NAU8825_NUM_HDMIDEV() function in sound/soc/intel/boards/sof_nau8825.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96319
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48890
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the storvsc_queuecommand() function in drivers/scsi/storvsc_drv.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96359
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48891
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the da9211_i2c_probe() function in drivers/regulator/da9211-regulator.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96320
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48893
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the intel_engines_init() function in drivers/gpu/drm/i915/gt/intel_engine_cs.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96321
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48896
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ixgbe_get_first_secondary_devfn() and ixgbe_x550em_a_has_mii() functions in drivers/net/ethernet/intel/ixgbe/ixgbe_phy.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96360
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48898
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the dp_aux_isr() function in drivers/gpu/drm/msm/dp/dp_aux.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96334
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48899
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the virtio_gpu_resource_create_ioctl() function in drivers/gpu/drm/virtio/virtgpu_ioctl.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96440
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48903
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the btrfs_attach_transaction_barrier() function in fs/btrfs/transaction.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96403
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48904
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the v1_free_pgtable() function in drivers/iommu/amd/io_pgtable.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96404
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48905
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ibmvnic_reset() function in drivers/net/ethernet/ibm/ibmvnic.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96417
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48906
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the mptcp_pending_data_fin() function in net/mptcp/protocol.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96405
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48907
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the lcd2s_i2c_probe() function in drivers/auxdisplay/lcd2s.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96406
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48909
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the smc_release() function in net/smc/af_smc.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96407
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48910
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the addrconf_ifdown() and addrconf_del_rs_timer() functions in net/ipv6/addrconf.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96411
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48912
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nf_register_net_hook() function in net/netfilter/core.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96412
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48913
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the local_irq_restore(), put_probe_ref(), __blk_trace_remove(), do_blk_trace_setup(), blk_trace_remove_queue() and blk_trace_setup_queue() functions in kernel/trace/blktrace.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96421
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48914
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the xennet_close(), xennet_poll_controller() and xennet_destroy_queues() functions in drivers/net/xen-netfront.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96422
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48915
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the thermal_genl_cmd_tz_get_trip() function in drivers/thermal/thermal_netlink.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96436
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48916
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the dmar_insert_one_dev_info() function in drivers/iommu/intel/iommu.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96442
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48917
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the snd_soc_put_volsw() function in sound/soc/soc-ops.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96423
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48918
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the iwl_mvm_sta_add_debugfs() and iwl_mvm_dbgfs_register() functions in drivers/net/wireless/intel/iwlwifi/mvm/debugfs.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96413
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48919
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the cifs_do_mount() function in fs/cifs/cifsfs.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96437
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48920
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the btrfs_cleanup_pending_block_groups() function in fs/btrfs/transaction.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96424
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48921
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the tg_nop(), sched_fork(), set_user_nice(), __setscheduler_params() and sched_init() functions in kernel/sched/core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96443
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48923
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the lzo_decompress_bio() function in fs/btrfs/lzo.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96408
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48924
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the int3400_notify() function in drivers/thermal/int340x_thermal/int3400_thermal.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96414
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48925
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the cma_bind_addr() function in drivers/infiniband/core/cma.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96426
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48926
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the rndis_register(), rndis_free_response(), rndis_get_next_response() and rndis_add_response() functions in drivers/usb/gadget/function/rndis.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96441
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48927
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the tsc2046_adc_update_scan_mode() and tsc2046_adc_setup_spi_msg() functions in drivers/iio/adc/ti-tsc2046.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96400
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48928
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the men_z188_probe() function in drivers/iio/adc/men_z188_adc.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96415
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48929
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the btf_check_func_arg_match() function in kernel/bpf/btf.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96427
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48930
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the srp_remove_one() function in drivers/infiniband/ulp/srp/ib_srp.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96444
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48931
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the DECLARE_RWSEM(), configfs_register_subsystem() and configfs_unregister_subsystem() functions in fs/configfs/dir.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96416
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48932
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the contain_vport_reformat_action() and mlx5_cmd_dr_create_fte() functions in drivers/net/ethernet/mellanox/mlx5/core/steering/fs_dr.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96402
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48934
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nfp_tunnel_add_shared_mac() and kfree() functions in drivers/net/ethernet/netronome/nfp/flower/tunnel_conf.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96429
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48937
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the io_add_buffers() function in fs/io_uring.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96438
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48938
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the cdc_ncm_rx_fixup() function in drivers/net/usb/cdc_ncm.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96430
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48939
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the generic_map_delete_batch(), generic_map_update_batch() and generic_map_lookup_batch() functions in kernel/bpf/syscall.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96431
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48940
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the include/linux/bpf.h. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96432
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48941
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ice_free_vfs(), ice_reset_all_vfs(), ice_reset_vf(), ice_process_vflr_event() and ice_vf_lan_overflow_event() functions in drivers/net/ethernet/intel/ice/ice_virtchnl_pf.c, within the ice_handle_mdd_event() function in drivers/net/ethernet/intel/ice/ice_main.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96418
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48942
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the hwmon_thermal_add_sensor() function in drivers/hwmon/hwmon.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96433
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48943
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the shadow_page_table_clear_flood() function in arch/x86/kvm/mmu/mmu.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU78779
Risk: Low
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-3610
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nf_tables component in Linux kernel netfilter. A local user with CAP_NET_ADMIN capability can trigger a use-after-free error and execute arbitrary code with elevated privileges.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.67.3
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-optional: before 5.14.21-150500.13.67.3
kernel-rt-extra: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch: before 5.14.21-150500.13.67.3
reiserfs-kmp-rt: before 5.14.21-150500.13.67.3
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-livepatch-devel: before 5.14.21-150500.13.67.3
kselftests-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug: before 5.14.21-150500.13.67.3
kernel-source-rt: before 5.14.21-150500.13.67.3
kernel-devel-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel: before 5.14.21-150500.13.67.3
kernel-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt_debug-debugsource: before 5.14.21-150500.13.67.3
dlm-kmp-rt: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
cluster-md-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-debugsource: before 5.14.21-150500.13.67.3
kernel-rt_debug-vdso: before 5.14.21-150500.13.67.3
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.67.3
kernel-rt-vdso: before 5.14.21-150500.13.67.3
kernel-syms-rt: before 5.14.21-150500.13.67.1
gfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-rt-devel: before 5.14.21-150500.13.67.3
ocfs2-kmp-rt: before 5.14.21-150500.13.67.3
kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt: before 1-150500.11.3.2
kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo: before 1-150500.11.3.2
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Q & A
Can this vulnerability be exploited remotely?