SUSE update for the Linux Kernel



Risk Medium
Patch available YES
Number of vulnerabilities 162
CVE-ID CVE-2023-52610
CVE-2023-52752
CVE-2023-52915
CVE-2023-52916
CVE-2024-26640
CVE-2024-26759
CVE-2024-26804
CVE-2024-36953
CVE-2024-38538
CVE-2024-38596
CVE-2024-38632
CVE-2024-40965
CVE-2024-40973
CVE-2024-40983
CVE-2024-42154
CVE-2024-42243
CVE-2024-42252
CVE-2024-42265
CVE-2024-42294
CVE-2024-42304
CVE-2024-42305
CVE-2024-42306
CVE-2024-43828
CVE-2024-43832
CVE-2024-43835
CVE-2024-43845
CVE-2024-43870
CVE-2024-43890
CVE-2024-43898
CVE-2024-43904
CVE-2024-43914
CVE-2024-44935
CVE-2024-44944
CVE-2024-44946
CVE-2024-44947
CVE-2024-44948
CVE-2024-44950
CVE-2024-44951
CVE-2024-44952
CVE-2024-44954
CVE-2024-44960
CVE-2024-44961
CVE-2024-44962
CVE-2024-44965
CVE-2024-44967
CVE-2024-44969
CVE-2024-44970
CVE-2024-44971
CVE-2024-44977
CVE-2024-44982
CVE-2024-44984
CVE-2024-44985
CVE-2024-44986
CVE-2024-44987
CVE-2024-44988
CVE-2024-44989
CVE-2024-44990
CVE-2024-44991
CVE-2024-44997
CVE-2024-44998
CVE-2024-44999
CVE-2024-45000
CVE-2024-45001
CVE-2024-45002
CVE-2024-45003
CVE-2024-45005
CVE-2024-45006
CVE-2024-45007
CVE-2024-45008
CVE-2024-45011
CVE-2024-45012
CVE-2024-45013
CVE-2024-45015
CVE-2024-45017
CVE-2024-45018
CVE-2024-45019
CVE-2024-45020
CVE-2024-45021
CVE-2024-45022
CVE-2024-45023
CVE-2024-45026
CVE-2024-45028
CVE-2024-45029
CVE-2024-45030
CVE-2024-46672
CVE-2024-46673
CVE-2024-46674
CVE-2024-46675
CVE-2024-46676
CVE-2024-46677
CVE-2024-46679
CVE-2024-46685
CVE-2024-46686
CVE-2024-46687
CVE-2024-46689
CVE-2024-46691
CVE-2024-46692
CVE-2024-46693
CVE-2024-46694
CVE-2024-46695
CVE-2024-46702
CVE-2024-46706
CVE-2024-46707
CVE-2024-46709
CVE-2024-46710
CVE-2024-46714
CVE-2024-46715
CVE-2024-46716
CVE-2024-46717
CVE-2024-46719
CVE-2024-46720
CVE-2024-46722
CVE-2024-46723
CVE-2024-46724
CVE-2024-46725
CVE-2024-46726
CVE-2024-46728
CVE-2024-46729
CVE-2024-46730
CVE-2024-46731
CVE-2024-46732
CVE-2024-46734
CVE-2024-46735
CVE-2024-46737
CVE-2024-46738
CVE-2024-46739
CVE-2024-46741
CVE-2024-46743
CVE-2024-46744
CVE-2024-46745
CVE-2024-46746
CVE-2024-46747
CVE-2024-46749
CVE-2024-46750
CVE-2024-46751
CVE-2024-46752
CVE-2024-46753
CVE-2024-46755
CVE-2024-46756
CVE-2024-46757
CVE-2024-46758
CVE-2024-46759
CVE-2024-46760
CVE-2024-46761
CVE-2024-46767
CVE-2024-46771
CVE-2024-46772
CVE-2024-46773
CVE-2024-46774
CVE-2024-46776
CVE-2024-46778
CVE-2024-46780
CVE-2024-46781
CVE-2024-46783
CVE-2024-46784
CVE-2024-46786
CVE-2024-46787
CVE-2024-46791
CVE-2024-46794
CVE-2024-46797
CVE-2024-46798
CVE-2024-46822
CWE-ID CWE-401
CWE-416
CWE-476
CWE-399
CWE-362
CWE-388
CWE-908
CWE-366
CWE-667
CWE-20
CWE-119
CWE-843
CWE-125
CWE-665
CWE-369
CWE-835
CWE-682
CWE-415
CWE-191
Exploitation vector Network
Public exploit Public exploit code for vulnerability #34 is available.
Public exploit code for vulnerability #35 is available.
Vulnerable software
SUSE Real Time Module
Operating systems & Components / Operating system

SUSE Linux Enterprise Live Patching
Operating systems & Components / Operating system

SUSE Linux Enterprise Real Time 15
Operating systems & Components / Operating system

openSUSE Leap
Operating systems & Components / Operating system

SUSE Linux Enterprise Server for SAP Applications 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Server 15
Operating systems & Components / Operating system

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource
Operating systems & Components / Operating system package or component

kernel-livepatch-6_4_0-150600_10_14-rt
Operating systems & Components / Operating system package or component

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo
Operating systems & Components / Operating system package or component

kernel-rt
Operating systems & Components / Operating system package or component

kernel-rt_debug
Operating systems & Components / Operating system package or component

kernel-source-rt
Operating systems & Components / Operating system package or component

kernel-devel-rt
Operating systems & Components / Operating system package or component

kernel-rt_debug-debuginfo
Operating systems & Components / Operating system package or component

kernel-rt_debug-devel
Operating systems & Components / Operating system package or component

kernel-rt_debug-vdso
Operating systems & Components / Operating system package or component

kernel-rt-debugsource
Operating systems & Components / Operating system package or component

kernel-rt-debuginfo
Operating systems & Components / Operating system package or component

kselftests-kmp-rt
Operating systems & Components / Operating system package or component

cluster-md-kmp-rt-debuginfo
Operating systems & Components / Operating system package or component

cluster-md-kmp-rt
Operating systems & Components / Operating system package or component

kernel-rt_debug-debugsource
Operating systems & Components / Operating system package or component

kernel-rt-vdso-debuginfo
Operating systems & Components / Operating system package or component

gfs2-kmp-rt
Operating systems & Components / Operating system package or component

kernel-rt-livepatch-devel
Operating systems & Components / Operating system package or component

kernel-rt-vdso
Operating systems & Components / Operating system package or component

kernel-rt-extra
Operating systems & Components / Operating system package or component

kernel-rt_debug-livepatch-devel
Operating systems & Components / Operating system package or component

kernel-rt-devel
Operating systems & Components / Operating system package or component

kselftests-kmp-rt-debuginfo
Operating systems & Components / Operating system package or component

dlm-kmp-rt-debuginfo
Operating systems & Components / Operating system package or component

dlm-kmp-rt
Operating systems & Components / Operating system package or component

kernel-rt-devel-debuginfo
Operating systems & Components / Operating system package or component

kernel-rt_debug-devel-debuginfo
Operating systems & Components / Operating system package or component

kernel-rt-extra-debuginfo
Operating systems & Components / Operating system package or component

kernel-rt-optional-debuginfo
Operating systems & Components / Operating system package or component

kernel-rt-optional
Operating systems & Components / Operating system package or component

reiserfs-kmp-rt-debuginfo
Operating systems & Components / Operating system package or component

kernel-syms-rt
Operating systems & Components / Operating system package or component

kernel-rt_debug-vdso-debuginfo
Operating systems & Components / Operating system package or component

reiserfs-kmp-rt
Operating systems & Components / Operating system package or component

gfs2-kmp-rt-debuginfo
Operating systems & Components / Operating system package or component

ocfs2-kmp-rt
Operating systems & Components / Operating system package or component

ocfs2-kmp-rt-debuginfo
Operating systems & Components / Operating system package or component

Vendor SUSE

Security Bulletin

This security bulletin contains information about 162 vulnerabilities.

1) Memory leak

EUVDB-ID: #VU89382

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52610

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform DoS attack on the target system.

The vulnerability exists due memory leak in net/sched/act_ct.c. A local user can force the kernel to leak memory and perform denial of service attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Use-after-free

EUVDB-ID: #VU90068

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52752

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the seq_printf() and spin_unlock() functions in fs/smb/client/cifs_debug.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) NULL pointer dereference

EUVDB-ID: #VU96934

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52915

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the af9035_i2c_master_xfer() function in drivers/media/usb/dvb-usb-v2/af9035.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Resource management error

EUVDB-ID: #VU96935

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52916

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the aspeed_video_get_resolution() and aspeed_video_set_resolution() functions in drivers/media/platform/aspeed/aspeed-video.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Resource management error

EUVDB-ID: #VU89397

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-26640

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources within the skb_advance_to_frag() function in net/ipv4/tcp.c. A remote attacker can send specially crafted data to the system and perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Race condition

EUVDB-ID: #VU91479

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26759

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition within the swapcache_prepare() function in mm/swapfile.c, within the do_swap_page() and folio_unlock() functions in mm/memory.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Use-after-free

EUVDB-ID: #VU90212

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26804

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the tnl_update_pmtu(), ip_md_tunnel_xmit() and ip_tunnel_xmit() functions in net/ipv4/ip_tunnel.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Improper error handling

EUVDB-ID: #VU93450

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36953

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the kvm_register_vgic_device() function in arch/arm64/kvm/vgic/vgic-kvm-device.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Use of uninitialized resource

EUVDB-ID: #VU92373

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38538

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of uninitialized resource within the EXPORT_SYMBOL_GPL() and br_dev_xmit() functions in net/bridge/br_device.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Race condition within a thread

EUVDB-ID: #VU92380

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38596

CWE-ID: CWE-366 - Race Condition within a Thread

Exploit availability: No

Description

The vulnerability allows a local user to manipulate data.

The vulnerability exists due to a data race within the unix_stream_sendmsg() function in net/unix/af_unix.c. A local user can manipulate data.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Memory leak

EUVDB-ID: #VU93020

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38632

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the vfio_intx_enable() function in drivers/vfio/pci/vfio_pci_intrs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Improper locking

EUVDB-ID: #VU94276

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-40965

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the lpi2c_imx_config() and lpi2c_imx_probe() functions in drivers/i2c/busses/i2c-imx-lpi2c.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) NULL pointer dereference

EUVDB-ID: #VU94241

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-40973

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the mtk_vcodec_fw_scp_init() function in drivers/media/platform/mediatek/vcodec/common/mtk_vcodec_fw_scp.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Resource management error

EUVDB-ID: #VU94304

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-40983

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the tipc_rcv() function in net/tipc/node.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Input validation error

EUVDB-ID: #VU95093

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-42154

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the sizeof() function in net/ipv4/tcp_metrics.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Improper error handling

EUVDB-ID: #VU95511

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-42243

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the include/linux/pagemap.h. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Improper locking

EUVDB-ID: #VU95561

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-42252

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the closure_put_after_sub() function in lib/closure.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Input validation error

EUVDB-ID: #VU96203

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-42265

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the __releases() function in fs/file.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Improper locking

EUVDB-ID: #VU96151

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-42294

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the del_gendisk() function in block/genhd.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Improper error handling

EUVDB-ID: #VU96164

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-42304

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the __ext4_read_dirblock(), ext4_empty_dir() and ext4_get_first_dir_block() functions in fs/ext4/namei.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) Resource management error

EUVDB-ID: #VU96182

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-42305

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the add_dirent_to_buf() and make_indexed_dir() functions in fs/ext4/namei.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) Buffer overflow

EUVDB-ID: #VU96184

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-42306

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the udf_sb_free_bitmap() function in fs/udf/super.c, within the read_block_bitmap() and __load_block_bitmap() functions in fs/udf/balloc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

23) Use of uninitialized resource

EUVDB-ID: #VU96169

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-43828

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of uninitialized resource within the ext4_es_find_extent_range() function in fs/ext4/extents_status.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

24) Improper locking

EUVDB-ID: #VU96149

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-43832

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the make_folio_secure() and folio_wait_writeback() functions in arch/s390/kernel/uv.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

25) Improper locking

EUVDB-ID: #VU96148

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-43835

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the virtnet_receive(), virtnet_poll_cleantx(), virtnet_poll() and virtnet_poll_tx() functions in drivers/net/virtio_net.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

26) Use of uninitialized resource

EUVDB-ID: #VU96170

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-43845

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of uninitialized resource within the udf_rename() function in fs/udf/namei.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

27) Memory leak

EUVDB-ID: #VU96286

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-43870

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the event_sched_out() function in kernel/events/core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

28) Buffer overflow

EUVDB-ID: #VU96544

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-43890

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the get_free_elt(), tracing_map_clear() and tracing_map_create() functions in kernel/trace/tracing_map.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

29) NULL pointer dereference

EUVDB-ID: #VU96533

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-43898

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the ext4_da_do_write_end() function in fs/ext4/inode.c, within the __block_commit_write() function in fs/buffer.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

30) NULL pointer dereference

EUVDB-ID: #VU96529

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-43904

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the dcn30_apply_idle_power_optimizations() function in drivers/gpu/drm/amd/display/dc/hwss/dcn30/dcn30_hwseq.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

31) Input validation error

EUVDB-ID: #VU96542

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-43914

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the reshape_request() function in drivers/md/raid5.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

32) NULL pointer dereference

EUVDB-ID: #VU96522

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-44935

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the __sctp_hash_endpoint() and __sctp_unhash_endpoint() functions in net/sctp/input.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

33) Type Confusion

EUVDB-ID: #VU96639

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-44944

CWE-ID: CWE-843 - Type confusion

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to insufficient validation of user-supplied input within the ctnetlink_del_expect() function in net/netfilter/nf_conntrack_netlink.c. A local user can trigger a type confusion error and gain access to sensitive information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

34) Use-after-free

EUVDB-ID: #VU96658

Risk: Low

CVSSv4.0: 7.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear]

CVE-ID: CVE-2024-44946

CWE-ID: CWE-416 - Use After Free

Exploit availability: Yes

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the kcm_sendmsg(), KCM_STATS_ADD(), sk->sk_write_space() and init_kcm_sock() functions in net/kcm/kcmsock.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

35) Memory leak

EUVDB-ID: #VU96711

Risk: Low

CVSSv4.0: 5.4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear]

CVE-ID: CVE-2024-44947

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: Yes

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the fuse_notify_store() function in fs/fuse/dev.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

36) Input validation error

EUVDB-ID: #VU96889

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-44948

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the mtrr_save_state() function in arch/x86/kernel/cpu/mtrr/mtrr.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

37) Resource management error

EUVDB-ID: #VU96875

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-44950

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the sc16is7xx_set_baud() function in drivers/tty/serial/sc16is7xx.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

38) Improper locking

EUVDB-ID: #VU96856

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-44951

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the sc16is7xx_set_baud(), sc16is7xx_handle_rx() and sc16is7xx_handle_tx() functions in drivers/tty/serial/sc16is7xx.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

39) Improper locking

EUVDB-ID: #VU96857

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-44952

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the make_driver_name() and module_remove_driver() functions in drivers/base/module.c, within the dev_uevent() and uevent_show() functions in drivers/base/core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

40) Improper locking

EUVDB-ID: #VU96859

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-44954

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the line6_data_received() function in sound/usb/line6/driver.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

41) NULL pointer dereference

EUVDB-ID: #VU96854

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-44960

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the usb_ep_enable() function in drivers/usb/gadget/udc/core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

42) Resource management error

EUVDB-ID: #VU96881

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-44961

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the amdgpu_job_prepare_job() function in drivers/gpu/drm/amd/amdgpu/amdgpu_job.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

43) Improper error handling

EUVDB-ID: #VU96868

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-44962

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the ps_cancel_timer() function in drivers/bluetooth/btnxpuart.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

44) Buffer overflow

EUVDB-ID: #VU96878

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-44965

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the pti_clone_pgtable() function in arch/x86/mm/pti.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

45) Input validation error

EUVDB-ID: #VU96890

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-44967

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the mga_i2c_read_gpio(), mga_gpio_getscl() and mgag200_i2c_init() functions in drivers/gpu/drm/mgag200/mgag200_i2c.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

46) Buffer overflow

EUVDB-ID: #VU96885

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-44969

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the sclp_sd_store_data() function in drivers/s390/char/sclp_sd.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

47) Buffer overflow

EUVDB-ID: #VU96876

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-44970

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the drivers/net/ethernet/mellanox/mlx5/core/en_rx.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

48) Memory leak

EUVDB-ID: #VU96832

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-44971

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the bcm_sf2_mdio_register() function in drivers/net/dsa/bcm_sf2.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

49) Out-of-bounds read

EUVDB-ID: #VU96844

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-44977

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the ta_if_load_debugfs_write() function in drivers/gpu/drm/amd/amdgpu/amdgpu_psp_ta.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

50) Memory leak

EUVDB-ID: #VU96828

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-44982

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the dpu_plane_prepare_fb() function in drivers/gpu/drm/msm/disp/dpu1/dpu_plane.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

51) Resource management error

EUVDB-ID: #VU96873

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-44984

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the bnxt_rx_xdp() function in drivers/net/ethernet/broadcom/bnxt/bnxt_xdp.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

52) Use-after-free

EUVDB-ID: #VU96837

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-44985

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ip6_xmit() function in net/ipv6/ip6_output.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

53) Use-after-free

EUVDB-ID: #VU96838

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-44986

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ip6_finish_output2() function in net/ipv6/ip6_output.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

54) Use-after-free

EUVDB-ID: #VU96839

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-44987

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ip6_send_skb() function in net/ipv6/ip6_output.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

55) Out-of-bounds read

EUVDB-ID: #VU96845

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-44988

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the mv88e6xxx_g1_atu_prob_irq_thread_fn() function in drivers/net/dsa/mv88e6xxx/global1_atu.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

56) NULL pointer dereference

EUVDB-ID: #VU96847

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-44989

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the bond_ipsec_del_sa_all() function in drivers/net/bonding/bond_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

57) NULL pointer dereference

EUVDB-ID: #VU96848

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-44990

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the bond_ipsec_offload_ok() function in drivers/net/bonding/bond_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

58) Use-after-free

EUVDB-ID: #VU96840

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-44991

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the EXPORT_SYMBOL() and tcp_sk_exit_batch() functions in net/ipv4/tcp_ipv4.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

59) Use-after-free

EUVDB-ID: #VU96841

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-44997

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the mtk_wed_setup_tc_block_cb() and mtk_wed_setup_tc_block() functions in drivers/net/ethernet/mediatek/mtk_wed.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

60) Use-after-free

EUVDB-ID: #VU96842

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-44998

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the dequeue_rx() function in drivers/atm/idt77252.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

61) Use of uninitialized resource

EUVDB-ID: #VU96870

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-44999

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of uninitialized resource within the gtp_dev_xmit() function in drivers/net/gtp.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

62) NULL pointer dereference

EUVDB-ID: #VU96850

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-45000

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the spin_lock() function in fs/fscache/cookie.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

63) Resource management error

EUVDB-ID: #VU96874

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-45001

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the mana_get_rxbuf_cfg() function in drivers/net/ethernet/microsoft/mana/mana_en.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

64) NULL pointer dereference

EUVDB-ID: #VU96851

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-45002

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the osnoise_init_top() function in tools/tracing/rtla/src/osnoise_top.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

65) Use-after-free

EUVDB-ID: #VU96843

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-45003

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the inode_lru_list_del(), evict() and inode_lru_isolate() functions in fs/inode.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

66) Improper error handling

EUVDB-ID: #VU96867

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-45005

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the arch/s390/kvm/kvm-s390.h. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

67) NULL pointer dereference

EUVDB-ID: #VU96852

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-45006

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the xhci_configure_endpoint() and xhci_setup_device() functions in drivers/usb/host/xhci.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

68) Input validation error

EUVDB-ID: #VU96888

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-45007

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the MODULE_LICENSE(), cleanup_dev(), report_io_error() and xillyusb_init() functions in drivers/char/xillybus/xillyusb.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

69) Buffer overflow

EUVDB-ID: #VU96883

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-45008

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the input_mt_init_slots() function in drivers/input/input-mt.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

70) Input validation error

EUVDB-ID: #VU97195

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-45011

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the xillyusb_setup_base_eps() and setup_channels() functions in drivers/char/xillybus/xillyusb.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

71) Improper error handling

EUVDB-ID: #VU97181

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-45012

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the nvkm_falcon_fw_boot() function in drivers/gpu/drm/nouveau/nvkm/falcon/fw.c, within the nvkm_firmware_dtor() and nvkm_firmware_ctor() functions in drivers/gpu/drm/nouveau/nvkm/core/firmware.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

72) Use-after-free

EUVDB-ID: #VU97168

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-45013

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the nvme_stop_ctrl() and EXPORT_SYMBOL_GPL() functions in drivers/nvme/host/core.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

73) NULL pointer dereference

EUVDB-ID: #VU97171

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-45015

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the dpu_encoder_virt_atomic_mode_set() and dpu_encoder_virt_atomic_enable() functions in drivers/gpu/drm/msm/disp/dpu1/dpu_encoder.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

74) Improper locking

EUVDB-ID: #VU97177

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-45017

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the ipsec_fs_roce_tx_mpv_create() and ipsec_fs_roce_rx_mpv_create() functions in drivers/net/ethernet/mellanox/mlx5/core/lib/ipsec_fs_roce.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

75) Use of uninitialized resource

EUVDB-ID: #VU97182

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-45018

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of uninitialized resource within the nf_flow_offload_tuple() function in net/netfilter/nf_flow_table_offload.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

76) Improper locking

EUVDB-ID: #VU97178

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-45019

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the mlx5e_tx_reporter_timeout_recover() function in drivers/net/ethernet/mellanox/mlx5/core/en/reporter_tx.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.14.1

kernel-rt-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-debuginfo: before 6.4.0-150600.10.14.1

kselftests-kmp-rt: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

cluster-md-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.14.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.14.1

gfs2-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-vdso: before 6.4.0-150600.10.14.1

kernel-rt-extra: before 6.4.0-150600.10.14.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.14.1

kernel-rt-devel: before 6.4.0-150600.10.14.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

dlm-kmp-rt: before 6.4.0-150600.10.14.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.14.1

kernel-rt-optional: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

kernel-syms-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.14.1

reiserfs-kmp-rt: before 6.4.0-150600.10.14.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt: before 6.4.0-150600.10.14.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243564-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

77) Out-of-bounds read

EUVDB-ID: #VU97170

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-45020

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the stacksafe() function in kernel/bpf/verifier.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo: before 1-150600.1.3.1

kernel-rt: before 6.4.0-150600.10.14.1

kernel-rt_debug: before 6.4.0-150600.10.14.1

kernel-source-rt: before 6.4.0-150600.10.14.1

kernel-devel-rt: before 6