Risk | Medium |
Patch available | YES |
Number of vulnerabilities | 268 |
CVE-ID | CVE-2023-52766 CVE-2023-52800 CVE-2023-52881 CVE-2023-52917 CVE-2023-52918 CVE-2023-52919 CVE-2023-6270 CVE-2024-26758 CVE-2024-26761 CVE-2024-26767 CVE-2024-26943 CVE-2024-27026 CVE-2024-27043 CVE-2024-35980 CVE-2024-36244 CVE-2024-38576 CVE-2024-38577 CVE-2024-38599 CVE-2024-41016 CVE-2024-41031 CVE-2024-41047 CVE-2024-41082 CVE-2024-42145 CVE-2024-44932 CVE-2024-44958 CVE-2024-44964 CVE-2024-45016 CVE-2024-45025 CVE-2024-46678 CVE-2024-46721 CVE-2024-46754 CVE-2024-46766 CVE-2024-46770 CVE-2024-46775 CVE-2024-46777 CVE-2024-46797 CVE-2024-46802 CVE-2024-46803 CVE-2024-46804 CVE-2024-46805 CVE-2024-46806 CVE-2024-46807 CVE-2024-46809 CVE-2024-46810 CVE-2024-46811 CVE-2024-46812 CVE-2024-46813 CVE-2024-46814 CVE-2024-46815 CVE-2024-46816 CVE-2024-46817 CVE-2024-46818 CVE-2024-46819 CVE-2024-46821 CVE-2024-46825 CVE-2024-46826 CVE-2024-46827 CVE-2024-46828 CVE-2024-46830 CVE-2024-46831 CVE-2024-46834 CVE-2024-46835 CVE-2024-46836 CVE-2024-46840 CVE-2024-46841 CVE-2024-46842 CVE-2024-46843 CVE-2024-46846 CVE-2024-46848 CVE-2024-46849 CVE-2024-46851 CVE-2024-46852 CVE-2024-46853 CVE-2024-46854 CVE-2024-46855 CVE-2024-46857 CVE-2024-46859 CVE-2024-46860 CVE-2024-46861 CVE-2024-46864 CVE-2024-46870 CVE-2024-46871 CVE-2024-47658 CVE-2024-47660 CVE-2024-47661 CVE-2024-47662 CVE-2024-47663 CVE-2024-47664 CVE-2024-47665 CVE-2024-47667 CVE-2024-47668 CVE-2024-47669 CVE-2024-47670 CVE-2024-47671 CVE-2024-47672 CVE-2024-47673 CVE-2024-47674 CVE-2024-47675 CVE-2024-47681 CVE-2024-47682 CVE-2024-47684 CVE-2024-47685 CVE-2024-47686 CVE-2024-47687 CVE-2024-47688 CVE-2024-47692 CVE-2024-47693 CVE-2024-47695 CVE-2024-47696 CVE-2024-47697 CVE-2024-47698 CVE-2024-47699 CVE-2024-47702 CVE-2024-47704 CVE-2024-47705 CVE-2024-47706 CVE-2024-47707 CVE-2024-47709 CVE-2024-47710 CVE-2024-47712 CVE-2024-47713 CVE-2024-47714 CVE-2024-47715 CVE-2024-47718 CVE-2024-47719 CVE-2024-47720 CVE-2024-47723 CVE-2024-47727 CVE-2024-47728 CVE-2024-47730 CVE-2024-47731 CVE-2024-47732 CVE-2024-47735 CVE-2024-47737 CVE-2024-47738 CVE-2024-47739 CVE-2024-47741 CVE-2024-47742 CVE-2024-47743 CVE-2024-47744 CVE-2024-47745 CVE-2024-47747 CVE-2024-47748 CVE-2024-47749 CVE-2024-47750 CVE-2024-47751 CVE-2024-47752 CVE-2024-47753 CVE-2024-47754 CVE-2024-47756 CVE-2024-47757 CVE-2024-49850 CVE-2024-49851 CVE-2024-49853 CVE-2024-49855 CVE-2024-49858 CVE-2024-49860 CVE-2024-49861 CVE-2024-49862 CVE-2024-49863 CVE-2024-49864 CVE-2024-49867 CVE-2024-49870 CVE-2024-49871 CVE-2024-49874 CVE-2024-49875 CVE-2024-49877 CVE-2024-49878 CVE-2024-49879 CVE-2024-49882 CVE-2024-49886 CVE-2024-49888 CVE-2024-49890 CVE-2024-49891 CVE-2024-49892 CVE-2024-49896 CVE-2024-49898 CVE-2024-49900 CVE-2024-49902 CVE-2024-49903 CVE-2024-49906 CVE-2024-49907 CVE-2024-49908 CVE-2024-49914 CVE-2024-49917 CVE-2024-49918 CVE-2024-49919 CVE-2024-49920 CVE-2024-49928 CVE-2024-49929 CVE-2024-49930 CVE-2024-49931 CVE-2024-49935 CVE-2024-49936 CVE-2024-49937 CVE-2024-49938 CVE-2024-49939 CVE-2024-49946 CVE-2024-49947 CVE-2024-49949 CVE-2024-49950 CVE-2024-49953 CVE-2024-49954 CVE-2024-49955 CVE-2024-49957 CVE-2024-49958 CVE-2024-49960 CVE-2024-49961 CVE-2024-49962 CVE-2024-49963 CVE-2024-49965 CVE-2024-49966 CVE-2024-49967 CVE-2024-49969 CVE-2024-49972 CVE-2024-49973 CVE-2024-49974 CVE-2024-49981 CVE-2024-49982 CVE-2024-49985 CVE-2024-49986 CVE-2024-49991 CVE-2024-49993 CVE-2024-49995 CVE-2024-49996 CVE-2024-50000 CVE-2024-50001 CVE-2024-50002 CVE-2024-50007 CVE-2024-50008 CVE-2024-50013 CVE-2024-50017 CVE-2024-50019 CVE-2024-50020 CVE-2024-50021 CVE-2024-50022 CVE-2024-50023 CVE-2024-50024 CVE-2024-50025 CVE-2024-50027 CVE-2024-50028 CVE-2024-50031 CVE-2024-50033 CVE-2024-50035 CVE-2024-50040 CVE-2024-50041 CVE-2024-50042 CVE-2024-50044 CVE-2024-50045 CVE-2024-50046 CVE-2024-50047 CVE-2024-50048 CVE-2024-50049 CVE-2024-50055 CVE-2024-50058 CVE-2024-50059 CVE-2024-50060 CVE-2024-50061 CVE-2024-50062 CVE-2024-50063 CVE-2024-50064 CVE-2024-50069 CVE-2024-50073 CVE-2024-50074 CVE-2024-50075 CVE-2024-50076 CVE-2024-50077 CVE-2024-50078 |
CWE-ID | CWE-125 CWE-416 CWE-451 CWE-476 CWE-399 CWE-835 CWE-191 CWE-119 CWE-667 CWE-401 CWE-682 CWE-20 CWE-190 CWE-388 CWE-617 CWE-362 CWE-193 CWE-665 CWE-369 CWE-908 CWE-415 CWE-200 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software |
SUSE Real Time Module Operating systems & Components / Operating system SUSE Linux Enterprise Live Patching Operating systems & Components / Operating system SUSE Linux Enterprise Real Time 15 Operating systems & Components / Operating system openSUSE Leap Operating systems & Components / Operating system SUSE Linux Enterprise Server for SAP Applications 15 Operating systems & Components / Operating system SUSE Linux Enterprise Server 15 Operating systems & Components / Operating system kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo Operating systems & Components / Operating system package or component kernel-livepatch-6_4_0-150600_10_17-rt Operating systems & Components / Operating system package or component kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource Operating systems & Components / Operating system package or component kernel-rt_debug Operating systems & Components / Operating system package or component kernel-rt Operating systems & Components / Operating system package or component kernel-devel-rt Operating systems & Components / Operating system package or component kernel-source-rt Operating systems & Components / Operating system package or component kernel-rt-livepatch-devel Operating systems & Components / Operating system package or component kernel-syms-rt Operating systems & Components / Operating system package or component kernel-rt-devel Operating systems & Components / Operating system package or component reiserfs-kmp-rt Operating systems & Components / Operating system package or component ocfs2-kmp-rt Operating systems & Components / Operating system package or component kernel-rt-vdso Operating systems & Components / Operating system package or component kernel-rt_debug-devel Operating systems & Components / Operating system package or component kselftests-kmp-rt Operating systems & Components / Operating system package or component dlm-kmp-rt Operating systems & Components / Operating system package or component kernel-rt_debug-vdso Operating systems & Components / Operating system package or component kernel-rt-debuginfo Operating systems & Components / Operating system package or component kernel-rt_debug-debuginfo Operating systems & Components / Operating system package or component kernel-rt_debug-debugsource Operating systems & Components / Operating system package or component kselftests-kmp-rt-debuginfo Operating systems & Components / Operating system package or component kernel-rt_debug-vdso-debuginfo Operating systems & Components / Operating system package or component gfs2-kmp-rt-debuginfo Operating systems & Components / Operating system package or component kernel-rt-optional-debuginfo Operating systems & Components / Operating system package or component kernel-rt-extra Operating systems & Components / Operating system package or component kernel-rt-extra-debuginfo Operating systems & Components / Operating system package or component kernel-rt_debug-livepatch-devel Operating systems & Components / Operating system package or component dlm-kmp-rt-debuginfo Operating systems & Components / Operating system package or component kernel-rt-debugsource Operating systems & Components / Operating system package or component kernel-rt_debug-devel-debuginfo Operating systems & Components / Operating system package or component kernel-rt-optional Operating systems & Components / Operating system package or component reiserfs-kmp-rt-debuginfo Operating systems & Components / Operating system package or component cluster-md-kmp-rt-debuginfo Operating systems & Components / Operating system package or component ocfs2-kmp-rt-debuginfo Operating systems & Components / Operating system package or component cluster-md-kmp-rt Operating systems & Components / Operating system package or component kernel-rt-vdso-debuginfo Operating systems & Components / Operating system package or component gfs2-kmp-rt Operating systems & Components / Operating system package or component kernel-rt-devel-debuginfo Operating systems & Components / Operating system package or component |
Vendor | SUSE |
Security Bulletin
This security bulletin contains information about 268 vulnerabilities.
EUVDB-ID: #VU91086
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52766
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the hci_dma_irq_handler() function in drivers/i3c/master/mipi-i3c-hci/dma.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90071
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52800
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ath11k_htt_pktlog() function in drivers/net/wireless/ath/ath11k/dp_rx.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89895
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-52881
CWE-ID:
CWE-451 - User Interface (UI) Misrepresentation of Critical Information (Clickjacking, spoofing)
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform spoofing attack.
The vulnerability exists due to an error within the tcp_ack() function in net/ipv4/tcp_input.c, which can result in system accepting ACK responses for bytes that were never sent. A remote attacker can perform spoofing attack.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU98973
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52917
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ndev_init_debugfs() function in drivers/ntb/hw/intel/ntb_hw_gen1.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU99254
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52918
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the cx23885_video_register() function in drivers/media/pci/cx23885/cx23885-video.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU99255
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52919
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the send_acknowledge() function in net/nfc/nci/spi.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91599
Risk: Low
CVSSv4.0: 4.4 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-6270
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the aoecmd_cfg_pkts() function in the ATA over Ethernet (AoE) driver. A local user can trigger a use-after-free error and escalate privileges on the system.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93873
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26758
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources in drivers/md/md.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93779
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26761
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the __cxl_hdm_decode_init() function in drivers/cxl/core/pci.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91415
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26767
CWE-ID:
CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the link_validate_dpia_bandwidth() function in drivers/gpu/drm/amd/display/dc/link/link_validation.c, within the get_firmware_info_v3_2(), get_integrated_info_v11(), get_integrated_info_v2_1() and get_integrated_info_v2_2() functions in drivers/gpu/drm/amd/display/dc/bios/bios_parser2.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90527
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26943
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nouveau_dmem_evict_chunk() function in drivers/gpu/drm/nouveau/nouveau_dmem.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93842
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27026
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the vmxnet3_process_xdp() function in drivers/net/vmxnet3/vmxnet3_xdp.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90178
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27043
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the dvb_register_device() function in drivers/media/dvb-core/dvbdev.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91667
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-35980
CWE-ID:
CWE-191 - Integer underflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the arch/arm64/include/asm/tlbflush.h. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93252
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-36244
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the parse_taprio_schedule() function in net/sched/sch_taprio.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92377
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-38576
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the kernel/rcu/tree_stall.h. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92378
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-38577
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the kernel/rcu/tasks.h. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92319
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-38599
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the do_jffs2_setxattr() function in fs/jffs2/xattr.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94837
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-41016
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ocfs2_xattr_find_entry() function in fs/ocfs2/xattr.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU95070
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-41031
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the do_sync_mmap_readahead() function in mm/filemap.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94994
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-41047
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the i40e_xdp_setup() function in drivers/net/ethernet/intel/i40e/i40e_main.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU95073
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-41082
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the nvmf_reg_read32(), nvmf_reg_read64() and nvmf_reg_write32() functions in drivers/nvme/host/fabrics.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU95054
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-42145
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the MODULE_AUTHOR(), __get_agent(), send_handler(), recv_handler() and ib_umad_read() functions in drivers/infiniband/core/user_mad.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96516
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-44932
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the idpf_vport_intr_napi_dis_all() and idpf_vport_intr_rel() functions in drivers/net/ethernet/intel/idpf/idpf_txrx.c, within the idpf_vport_stop(), idpf_vport_open() and idpf_send_map_unmap_queue_vector_msg() functions in drivers/net/ethernet/intel/idpf/idpf_lib.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96880
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-44958
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the sched_cpu_deactivate() function in kernel/sched/core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96831
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-44964
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the idpf_rx_init_buf_tail(), idpf_vport_open(), idpf_init_task(), idpf_initiate_soft_reset() and idpf_open() functions in drivers/net/ethernet/intel/idpf/idpf_lib.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97169
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-45016
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the netem_enqueue() function in net/sched/sch_netem.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97193
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-45025
CWE-ID:
CWE-682 - Incorrect Calculation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the free_fdtable_rcu(), copy_fdtable() and dup_fd() functions in fs/file.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97266
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46678
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the bond_ipsec_add_sa(), bond_ipsec_add_sa_all(), bond_ipsec_del_sa(), bond_ipsec_del_sa_all(), bond_setup() and bond_uninit() functions in drivers/net/bonding/bond_main.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97532
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46721
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the __aafs_profile_mkdir() function in security/apparmor/apparmorfs.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97566
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46754
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the net/core/filter.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97506
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46766
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ice_napi_add(), ice_reinit_interrupt_scheme(), ice_suspend() and ice_vsi_open() functions in drivers/net/ethernet/intel/ice/ice_main.c, within the ice_vsi_cfg_def(), ice_vsi_close() and ice_dis_vsi() functions in drivers/net/ethernet/intel/ice/ice_lib.c, within the ice_free_q_vector() function in drivers/net/ethernet/intel/ice/ice_base.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97520
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46770
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ice_prepare_for_reset(), ice_update_pf_netdev_link() and ice_rebuild() functions in drivers/net/ethernet/intel/ice/ice_main.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97568
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46775
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the perform_link_training_with_retries() function in drivers/gpu/drm/amd/display/dc/link/protocols/link_dp_training.c, within the hubbub2_program_watermarks() function in drivers/gpu/drm/amd/display/dc/dcn20/dcn20_hubbub.c, within the dc_dmub_srv_cmd_run_list() and dc_dmub_srv_get_visual_confirm_color_cmd() functions in drivers/gpu/drm/amd/display/dc/dc_dmub_srv.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97550
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46777
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the udf_fill_partdesc_info() function in fs/udf/super.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97515
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46797
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the barrier() function in arch/powerpc/lib/qspinlock.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97838
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46802
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the resource_build_bit_depth_reduction_params() function in drivers/gpu/drm/amd/display/dc/core/dc_resource.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97792
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46803
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the debug_event_write_work_handler() and kfd_dbg_trap_disable() functions in drivers/gpu/drm/amd/amdkfd/kfd_debug.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97827
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46804
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the read() and write() functions in drivers/gpu/drm/amd/display/modules/hdcp/hdcp_ddc.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97793
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46805
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the psp_xgmi_reflect_topology_info() function in drivers/gpu/drm/amd/amdgpu/amdgpu_psp.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97828
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46806
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the aqua_vanjaram_switch_partition_mode() function in drivers/gpu/drm/amd/amdgpu/aqua_vanjaram.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97794
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46807
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the amdgpu_device_recover_vram() function in drivers/gpu/drm/amd/amdgpu/amdgpu_device.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97813
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46809
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the get_ss_info_v3_1(), get_ss_info_from_internal_ss_info_tbl_V2_1(), get_ss_info_from_ss_info_table(), get_ss_entry_number_from_ss_info_tbl(), get_ss_entry_number_from_internal_ss_info_tbl_v2_1() and get_ss_entry_number_from_internal_ss_info_tbl_V3_1() functions in drivers/gpu/drm/amd/display/dc/bios/bios_parser.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97796
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46810
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the tc_irq_handler() function in drivers/gpu/drm/bridge/tc358767.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97812
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46811
CWE-ID:
CWE-617 - Reachable Assertion
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the dcn321_update_bw_bounding_box_fpu() function in drivers/gpu/drm/amd/display/dc/dml/dcn321/dcn321_fpu.c, within the dcn32_update_bw_bounding_box_fpu() function in drivers/gpu/drm/amd/display/dc/dml/dcn32/dcn32_fpu.c, within the dcn303_fpu_update_bw_bounding_box() function in drivers/gpu/drm/amd/display/dc/dml/dcn303/dcn303_fpu.c, within the dcn302_fpu_update_bw_bounding_box() function in drivers/gpu/drm/amd/display/dc/dml/dcn302/dcn302_fpu.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97845
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46812
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ModeSupportAndSystemConfiguration() function in drivers/gpu/drm/amd/display/dc/dml/display_mode_vba.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97785
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46813
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the dc_get_link_at_index() function in drivers/gpu/drm/amd/display/dc/core/dc_link_exports.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97844
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46814
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the hdmi_14_process_transaction() and dp_11_process_transaction() functions in drivers/gpu/drm/amd/display/dc/hdcp/hdcp_msg.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97843
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46815
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the build_watermark_ranges() function in drivers/gpu/drm/amd/display/dc/clk_mgr/dcn21/rn_clk_mgr.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97829
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46816
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the amdgpu_dm_initialize_drm_device() function in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97830
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46817
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the amdgpu_dm_initialize_drm_device() function in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97842
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46818
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the is_pin_busy(), set_pin_busy(), set_pin_free(), dal_gpio_service_lock() and dal_gpio_service_unlock() functions in drivers/gpu/drm/amd/display/dc/gpio/gpio_service.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97797
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46819
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nbio_v7_4_handle_ras_controller_intr_no_bifring() function in drivers/gpu/drm/amd/amdgpu/nbio_v7_4.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97841
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46821
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the navi10_get_current_clk_freq_by_table(), navi10_emit_clk_levels(), navi10_print_clk_levels() and navi10_force_clk_levels() functions in drivers/gpu/drm/amd/pm/swsmu/smu11/navi10_ppt.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97840
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46825
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the drivers/net/wireless/intel/iwlwifi/mvm/mvm.h. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97839
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46826
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the fs/binfmt_elf.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97811
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46827
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ath12k_station_assoc() function in drivers/net/wireless/ath/ath12k/mac.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97786
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46828
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the net/sched/sch_cake.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97804
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46830
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the kvm_arch_vcpu_ioctl() function in arch/x86/kvm/x86.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97778
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46831
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the vcap_api_encode_rule_test() function in drivers/net/ethernet/microchip/vcap/vcap_api_kunit.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97789
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46834
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ethtool_set_channels() function in net/ethtool/ioctl.c, within the ethtool_get_max_rxfh_channel() function in net/ethtool/common.c, within the ethnl_set_channels() function in net/ethtool/channels.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97831
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46835
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the gfx_v11_0_hw_init() function in drivers/gpu/drm/amd/amdgpu/gfx_v11_0.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97837
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46836
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ast_udc_getstatus() function in drivers/usb/gadget/udc/aspeed_udc.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97808
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46840
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the reada_walk_down(), walk_down_proc(), do_walk_down() and walk_up_proc() functions in fs/btrfs/extent-tree.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97814
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46841
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the walk_down_proc() function in fs/btrfs/extent-tree.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97779
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46842
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the lpfc_get_sfp_info_wait() function in drivers/scsi/lpfc/lpfc_els.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97832
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46843
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the ufshcd_remove(), ufshcd_init() and blk_mq_free_tag_set() functions in drivers/ufs/core/ufshcd.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97815
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46846
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the rockchip_spi_suspend() and rockchip_spi_resume() functions in drivers/spi/spi-rockchip.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97820
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46848
CWE-ID:
CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the adl_get_hybrid_cpu_type() and intel_pmu_init() functions in arch/x86/events/intel/core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97781
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46849
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the axg_card_add_tdm_loopback() function in sound/soc/meson/axg-card.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97824
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46851
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the dcn10_set_drr() function in drivers/gpu/drm/amd/display/dc/hwss/dcn10/dcn10_hwseq.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97818
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46852
CWE-ID:
CWE-193 - Off-by-one Error
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an off-by-one error within the cma_heap_vm_fault() function in drivers/dma-buf/heaps/cma_heap.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97782
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46853
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nxp_fspi_fill_txfifo() function in drivers/spi/spi-nxp-fspi.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97776
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46854
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the dpaa_start_xmit() function in drivers/net/ethernet/freescale/dpaa/dpaa_eth.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97777
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46855
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nft_socket_eval() function in net/netfilter/nft_socket.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97801
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46857
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mlx5_eswitch_set_vepa() and mlx5_eswitch_get_vepa() functions in drivers/net/ethernet/mellanox/mlx5/core/esw/legacy.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Real Time Module: 15-SP6
SUSE Linux Enterprise Live Patching: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1
kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1
kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1
kernel-rt_debug: before 6.4.0-150600.10.17.1
kernel-rt: before 6.4.0-150600.10.17.1
kernel-devel-rt: before 6.4.0-150600.10.17.1
kernel-source-rt: before 6.4.0-150600.10.17.1
kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1
kernel-syms-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel: before 6.4.0-150600.10.17.1
kselftests-kmp-rt: before 6.4.0-150600.10.17.1
dlm-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1
kernel-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1
kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-extra: before 6.4.0-150600.10.17.1
kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1
dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-debugsource: before 6.4.0-150600.10.17.1
kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1
kernel-rt-optional: before 6.4.0-150600.10.17.1
reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1
cluster-md-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1
gfs2-kmp-rt: before 6.4.0-150600.10.17.1
kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1
CPE2.3