Risk | Medium |
Patch available | YES |
Number of vulnerabilities | 162 |
CVE-ID | CVE-2023-52610 CVE-2023-52752 CVE-2023-52915 CVE-2023-52916 CVE-2024-26640 CVE-2024-26759 CVE-2024-26804 CVE-2024-36953 CVE-2024-38538 CVE-2024-38596 CVE-2024-38632 CVE-2024-40965 CVE-2024-40973 CVE-2024-40983 CVE-2024-42154 CVE-2024-42243 CVE-2024-42252 CVE-2024-42265 CVE-2024-42294 CVE-2024-42304 CVE-2024-42305 CVE-2024-42306 CVE-2024-43828 CVE-2024-43832 CVE-2024-43835 CVE-2024-43845 CVE-2024-43870 CVE-2024-43890 CVE-2024-43898 CVE-2024-43904 CVE-2024-43914 CVE-2024-44935 CVE-2024-44944 CVE-2024-44946 CVE-2024-44947 CVE-2024-44948 CVE-2024-44950 CVE-2024-44951 CVE-2024-44952 CVE-2024-44954 CVE-2024-44960 CVE-2024-44961 CVE-2024-44962 CVE-2024-44965 CVE-2024-44967 CVE-2024-44969 CVE-2024-44970 CVE-2024-44971 CVE-2024-44977 CVE-2024-44982 CVE-2024-44984 CVE-2024-44985 CVE-2024-44986 CVE-2024-44987 CVE-2024-44988 CVE-2024-44989 CVE-2024-44990 CVE-2024-44991 CVE-2024-44997 CVE-2024-44998 CVE-2024-44999 CVE-2024-45000 CVE-2024-45001 CVE-2024-45002 CVE-2024-45003 CVE-2024-45005 CVE-2024-45006 CVE-2024-45007 CVE-2024-45008 CVE-2024-45011 CVE-2024-45012 CVE-2024-45013 CVE-2024-45015 CVE-2024-45017 CVE-2024-45018 CVE-2024-45019 CVE-2024-45020 CVE-2024-45021 CVE-2024-45022 CVE-2024-45023 CVE-2024-45026 CVE-2024-45028 CVE-2024-45029 CVE-2024-45030 CVE-2024-46672 CVE-2024-46673 CVE-2024-46674 CVE-2024-46675 CVE-2024-46676 CVE-2024-46677 CVE-2024-46679 CVE-2024-46685 CVE-2024-46686 CVE-2024-46687 CVE-2024-46689 CVE-2024-46691 CVE-2024-46692 CVE-2024-46693 CVE-2024-46694 CVE-2024-46695 CVE-2024-46702 CVE-2024-46706 CVE-2024-46707 CVE-2024-46709 CVE-2024-46710 CVE-2024-46714 CVE-2024-46715 CVE-2024-46716 CVE-2024-46717 CVE-2024-46719 CVE-2024-46720 CVE-2024-46722 CVE-2024-46723 CVE-2024-46724 CVE-2024-46725 CVE-2024-46726 CVE-2024-46728 CVE-2024-46729 CVE-2024-46730 CVE-2024-46731 CVE-2024-46732 CVE-2024-46734 CVE-2024-46735 CVE-2024-46737 CVE-2024-46738 CVE-2024-46739 CVE-2024-46741 CVE-2024-46743 CVE-2024-46744 CVE-2024-46745 CVE-2024-46746 CVE-2024-46747 CVE-2024-46749 CVE-2024-46750 CVE-2024-46751 CVE-2024-46752 CVE-2024-46753 CVE-2024-46755 CVE-2024-46756 CVE-2024-46757 CVE-2024-46758 CVE-2024-46759 CVE-2024-46760 CVE-2024-46761 CVE-2024-46767 CVE-2024-46771 CVE-2024-46772 CVE-2024-46773 CVE-2024-46774 CVE-2024-46776 CVE-2024-46778 CVE-2024-46780 CVE-2024-46781 CVE-2024-46783 CVE-2024-46784 CVE-2024-46786 CVE-2024-46787 CVE-2024-46791 CVE-2024-46794 CVE-2024-46797 CVE-2024-46798 CVE-2024-46822 |
CWE-ID | CWE-401 CWE-416 CWE-476 CWE-399 CWE-362 CWE-388 CWE-908 CWE-366 CWE-667 CWE-20 CWE-119 CWE-843 CWE-125 CWE-665 CWE-369 CWE-835 CWE-682 CWE-415 CWE-191 |
Exploitation vector | Network |
Public exploit |
Public exploit code for vulnerability #34 is available. Public exploit code for vulnerability #35 is available. |
Vulnerable software |
SUSE Real Time Module Operating systems & Components / Operating system SUSE Linux Enterprise Live Patching Operating systems & Components / Operating system SUSE Linux Enterprise Real Time 15 Operating systems & Components / Operating system openSUSE Leap Operating systems & Components / Operating system SUSE Linux Enterprise Server for SAP Applications 15 Operating systems & Components / Operating system SUSE Linux Enterprise Server 15 Operating systems & Components / Operating system kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource Operating systems & Components / Operating system package or component kernel-livepatch-6_4_0-150600_10_14-rt Operating systems & Components / Operating system package or component kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo Operating systems & Components / Operating system package or component kernel-rt Operating systems & Components / Operating system package or component kernel-rt_debug Operating systems & Components / Operating system package or component kernel-source-rt Operating systems & Components / Operating system package or component kernel-devel-rt Operating systems & Components / Operating system package or component kernel-rt_debug-debuginfo Operating systems & Components / Operating system package or component kernel-rt_debug-devel Operating systems & Components / Operating system package or component kernel-rt_debug-vdso Operating systems & Components / Operating system package or component kernel-rt-debugsource Operating systems & Components / Operating system package or component kernel-rt-debuginfo Operating systems & Components / Operating system package or component kselftests-kmp-rt Operating systems & Components / Operating system package or component cluster-md-kmp-rt-debuginfo Operating systems & Components / Operating system package or component cluster-md-kmp-rt Operating systems & Components / Operating system package or component kernel-rt_debug-debugsource Operating systems & Components / Operating system package or component kernel-rt-vdso-debuginfo Operating systems & Components / Operating system package or component gfs2-kmp-rt Operating systems & Components / Operating system package or component kernel-rt-livepatch-devel Operating systems & Components / Operating system package or component kernel-rt-vdso Operating systems & Components / Operating system package or component kernel-rt-extra Operating systems & Components / Operating system package or component kernel-rt_debug-livepatch-devel Operating systems & Components / Operating system package or component kernel-rt-devel Operating systems & Components / Operating system package or component kselftests-kmp-rt-debuginfo Operating systems & Components / Operating system package or component dlm-kmp-rt-debuginfo Operating systems & Components / Operating system package or component dlm-kmp-rt Operating systems & Components / Operating system package or component kernel-rt-devel-debuginfo Operating systems & Components / Operating system package or component kernel-rt_debug-devel-debuginfo Operating systems & Components / Operating system package or component kernel-rt-extra-debuginfo Operating systems & Components / Operating system package or component kernel-rt-optional-debuginfo Operating systems & Components / Operating system package or component kernel-rt-optional Operating systems & Components / Operating system package or component reiserfs-kmp-rt-debuginfo Operating systems & Components / Operating system package or component kernel-syms-rt Operating systems & Components / Operating system package or component kernel-rt_debug-vdso-debuginfo Operating systems & Components / Operating system package or component reiserfs-kmp-rt Operating systems & Components / Operating system package or component gfs2-kmp-rt-debuginfo Operating systems & Components / Operating system package or component ocfs2-kmp-rt Operating systems & Components / Operating system package or component ocfs2-kmp-rt-debuginfo Operating systems & Components / Operating system package or component |
Vendor | SUSE |
Security Bulletin
This security bulletin contains information about 162 vulnerabilities.
EUVDB-ID: #VU89382
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52610
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform DoS attack on the target system.
The vulnerability exists due memory leak in net/sched/act_ct.c. A local user can force the kernel to leak memory and perform denial of service attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90068
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52752
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the seq_printf() and spin_unlock() functions in fs/smb/client/cifs_debug.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96934
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52915
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the af9035_i2c_master_xfer() function in drivers/media/usb/dvb-usb-v2/af9035.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96935
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52916
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the aspeed_video_get_resolution() and aspeed_video_set_resolution() functions in drivers/media/platform/aspeed/aspeed-video.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89397
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-26640
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources within the skb_advance_to_frag() function in net/ipv4/tcp.c. A remote attacker can send specially crafted data to the system and perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91479
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26759
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the swapcache_prepare() function in mm/swapfile.c, within the do_swap_page() and folio_unlock() functions in mm/memory.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90212
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26804
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the tnl_update_pmtu(), ip_md_tunnel_xmit() and ip_tunnel_xmit() functions in net/ipv4/ip_tunnel.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93450
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-36953
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the kvm_register_vgic_device() function in arch/arm64/kvm/vgic/vgic-kvm-device.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92373
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-38538
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the EXPORT_SYMBOL_GPL() and br_dev_xmit() functions in net/bridge/br_device.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92380
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-38596
CWE-ID:
CWE-366 - Race Condition within a Thread
Exploit availability: No
DescriptionThe vulnerability allows a local user to manipulate data.
The vulnerability exists due to a data race within the unix_stream_sendmsg() function in net/unix/af_unix.c. A local user can manipulate data.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93020
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-38632
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the vfio_intx_enable() function in drivers/vfio/pci/vfio_pci_intrs.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94276
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-40965
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the lpi2c_imx_config() and lpi2c_imx_probe() functions in drivers/i2c/busses/i2c-imx-lpi2c.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94241
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-40973
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mtk_vcodec_fw_scp_init() function in drivers/media/platform/mediatek/vcodec/common/mtk_vcodec_fw_scp.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94304
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-40983
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the tipc_rcv() function in net/tipc/node.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU95093
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-42154
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the sizeof() function in net/ipv4/tcp_metrics.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU95511
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-42243
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the include/linux/pagemap.h. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU95561
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-42252
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the closure_put_after_sub() function in lib/closure.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96203
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-42265
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the __releases() function in fs/file.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96151
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-42294
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the del_gendisk() function in block/genhd.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96164
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-42304
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the __ext4_read_dirblock(), ext4_empty_dir() and ext4_get_first_dir_block() functions in fs/ext4/namei.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96182
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-42305
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the add_dirent_to_buf() and make_indexed_dir() functions in fs/ext4/namei.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96184
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-42306
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the udf_sb_free_bitmap() function in fs/udf/super.c, within the read_block_bitmap() and __load_block_bitmap() functions in fs/udf/balloc.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96169
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-43828
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the ext4_es_find_extent_range() function in fs/ext4/extents_status.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96149
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-43832
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the make_folio_secure() and folio_wait_writeback() functions in arch/s390/kernel/uv.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96148
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-43835
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the virtnet_receive(), virtnet_poll_cleantx(), virtnet_poll() and virtnet_poll_tx() functions in drivers/net/virtio_net.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96170
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-43845
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the udf_rename() function in fs/udf/namei.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96286
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-43870
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the event_sched_out() function in kernel/events/core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96544
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-43890
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the get_free_elt(), tracing_map_clear() and tracing_map_create() functions in kernel/trace/tracing_map.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96533
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-43898
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ext4_da_do_write_end() function in fs/ext4/inode.c, within the __block_commit_write() function in fs/buffer.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96529
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-43904
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dcn30_apply_idle_power_optimizations() function in drivers/gpu/drm/amd/display/dc/hwss/dcn30/dcn30_hwseq.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96542
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-43914
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the reshape_request() function in drivers/md/raid5.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96522
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-44935
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the __sctp_hash_endpoint() and __sctp_unhash_endpoint() functions in net/sctp/input.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96639
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-44944
CWE-ID:
CWE-843 - Type confusion
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96658
Risk: Low
CVSSv4.0: 7.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear]
CVE-ID: CVE-2024-44946
CWE-ID:
CWE-416 - Use After Free
Exploit availability: Yes
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the kcm_sendmsg(), KCM_STATS_ADD(), sk->sk_write_space() and init_kcm_sock() functions in net/kcm/kcmsock.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU96711
Risk: Low
CVSSv4.0: 5.4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear]
CVE-ID: CVE-2024-44947
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: Yes
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the fuse_notify_store() function in fs/fuse/dev.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU96889
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-44948
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the mtrr_save_state() function in arch/x86/kernel/cpu/mtrr/mtrr.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96875
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-44950
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the sc16is7xx_set_baud() function in drivers/tty/serial/sc16is7xx.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96856
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-44951
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the sc16is7xx_set_baud(), sc16is7xx_handle_rx() and sc16is7xx_handle_tx() functions in drivers/tty/serial/sc16is7xx.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96857
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-44952
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the make_driver_name() and module_remove_driver() functions in drivers/base/module.c, within the dev_uevent() and uevent_show() functions in drivers/base/core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96859
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-44954
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the line6_data_received() function in sound/usb/line6/driver.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96854
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-44960
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the usb_ep_enable() function in drivers/usb/gadget/udc/core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96881
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-44961
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the amdgpu_job_prepare_job() function in drivers/gpu/drm/amd/amdgpu/amdgpu_job.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96868
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-44962
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the ps_cancel_timer() function in drivers/bluetooth/btnxpuart.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96878
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-44965
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the pti_clone_pgtable() function in arch/x86/mm/pti.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96890
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-44967
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the mga_i2c_read_gpio(), mga_gpio_getscl() and mgag200_i2c_init() functions in drivers/gpu/drm/mgag200/mgag200_i2c.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96885
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-44969
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the sclp_sd_store_data() function in drivers/s390/char/sclp_sd.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96876
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-44970
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the drivers/net/ethernet/mellanox/mlx5/core/en_rx.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96832
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-44971
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the bcm_sf2_mdio_register() function in drivers/net/dsa/bcm_sf2.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96844
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-44977
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ta_if_load_debugfs_write() function in drivers/gpu/drm/amd/amdgpu/amdgpu_psp_ta.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96828
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-44982
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the dpu_plane_prepare_fb() function in drivers/gpu/drm/msm/disp/dpu1/dpu_plane.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96873
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-44984
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the bnxt_rx_xdp() function in drivers/net/ethernet/broadcom/bnxt/bnxt_xdp.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96837
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-44985
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ip6_xmit() function in net/ipv6/ip6_output.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96838
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-44986
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ip6_finish_output2() function in net/ipv6/ip6_output.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96839
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-44987
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ip6_send_skb() function in net/ipv6/ip6_output.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96845
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-44988
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the mv88e6xxx_g1_atu_prob_irq_thread_fn() function in drivers/net/dsa/mv88e6xxx/global1_atu.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96847
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-44989
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the bond_ipsec_del_sa_all() function in drivers/net/bonding/bond_main.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96848
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-44990
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the bond_ipsec_offload_ok() function in drivers/net/bonding/bond_main.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96840
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-44991
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the EXPORT_SYMBOL() and tcp_sk_exit_batch() functions in net/ipv4/tcp_ipv4.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96841
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-44997
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mtk_wed_setup_tc_block_cb() and mtk_wed_setup_tc_block() functions in drivers/net/ethernet/mediatek/mtk_wed.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96842
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-44998
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the dequeue_rx() function in drivers/atm/idt77252.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96870
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-44999
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the gtp_dev_xmit() function in drivers/net/gtp.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96850
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-45000
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the spin_lock() function in fs/fscache/cookie.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96874
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-45001
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the mana_get_rxbuf_cfg() function in drivers/net/ethernet/microsoft/mana/mana_en.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96851
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-45002
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the osnoise_init_top() function in tools/tracing/rtla/src/osnoise_top.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96843
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-45003
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the inode_lru_list_del(), evict() and inode_lru_isolate() functions in fs/inode.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96867
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-45005
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the arch/s390/kvm/kvm-s390.h. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96852
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-45006
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the xhci_configure_endpoint() and xhci_setup_device() functions in drivers/usb/host/xhci.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96888
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-45007
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the MODULE_LICENSE(), cleanup_dev(), report_io_error() and xillyusb_init() functions in drivers/char/xillybus/xillyusb.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96883
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-45008
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the input_mt_init_slots() function in drivers/input/input-mt.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97195
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-45011
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the xillyusb_setup_base_eps() and setup_channels() functions in drivers/char/xillybus/xillyusb.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97181
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-45012
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the nvkm_falcon_fw_boot() function in drivers/gpu/drm/nouveau/nvkm/falcon/fw.c, within the nvkm_firmware_dtor() and nvkm_firmware_ctor() functions in drivers/gpu/drm/nouveau/nvkm/core/firmware.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97168
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-45013
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nvme_stop_ctrl() and EXPORT_SYMBOL_GPL() functions in drivers/nvme/host/core.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97171
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-45015
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dpu_encoder_virt_atomic_mode_set() and dpu_encoder_virt_atomic_enable() functions in drivers/gpu/drm/msm/disp/dpu1/dpu_encoder.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97177
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-45017
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ipsec_fs_roce_tx_mpv_create() and ipsec_fs_roce_rx_mpv_create() functions in drivers/net/ethernet/mellanox/mlx5/core/lib/ipsec_fs_roce.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97182
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-45018
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the nf_flow_offload_tuple() function in net/netfilter/nf_flow_table_offload.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97178
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-45019
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the mlx5e_tx_reporter_timeout_recover() function in drivers/net/ethernet/mellanox/mlx5/core/en/reporter_tx.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1
kernel-rt-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-debuginfo: before 6.4.0-150600.10.14.1
kselftests-kmp-rt: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
cluster-md-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1
gfs2-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-vdso: before 6.4.0-150600.10.14.1
kernel-rt-extra: before 6.4.0-150600.10.14.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1
kernel-rt-devel: before 6.4.0-150600.10.14.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
dlm-kmp-rt: before 6.4.0-150600.10.14.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1
kernel-rt-optional: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
kernel-syms-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1
reiserfs-kmp-rt: before 6.4.0-150600.10.14.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt: before 6.4.0-150600.10.14.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97170
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-45020
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the stacksafe() function in kernel/bpf/verifier.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1
kernel-rt: before 6.4.0-150600.10.14.1
kernel-rt_debug: before 6.4.0-150600.10.14.1
kernel-source-rt: before 6.4.0-150600.10.14.1
kernel-devel-rt: before 6