SUSE update for the Linux Kernel



Risk Medium
Patch available YES
Number of vulnerabilities 268
CVE-ID CVE-2023-52766
CVE-2023-52800
CVE-2023-52881
CVE-2023-52917
CVE-2023-52918
CVE-2023-52919
CVE-2023-6270
CVE-2024-26758
CVE-2024-26761
CVE-2024-26767
CVE-2024-26943
CVE-2024-27026
CVE-2024-27043
CVE-2024-35980
CVE-2024-36244
CVE-2024-38576
CVE-2024-38577
CVE-2024-38599
CVE-2024-41016
CVE-2024-41031
CVE-2024-41047
CVE-2024-41082
CVE-2024-42145
CVE-2024-44932
CVE-2024-44958
CVE-2024-44964
CVE-2024-45016
CVE-2024-45025
CVE-2024-46678
CVE-2024-46721
CVE-2024-46754
CVE-2024-46766
CVE-2024-46770
CVE-2024-46775
CVE-2024-46777
CVE-2024-46797
CVE-2024-46802
CVE-2024-46803
CVE-2024-46804
CVE-2024-46805
CVE-2024-46806
CVE-2024-46807
CVE-2024-46809
CVE-2024-46810
CVE-2024-46811
CVE-2024-46812
CVE-2024-46813
CVE-2024-46814
CVE-2024-46815
CVE-2024-46816
CVE-2024-46817
CVE-2024-46818
CVE-2024-46819
CVE-2024-46821
CVE-2024-46825
CVE-2024-46826
CVE-2024-46827
CVE-2024-46828
CVE-2024-46830
CVE-2024-46831
CVE-2024-46834
CVE-2024-46835
CVE-2024-46836
CVE-2024-46840
CVE-2024-46841
CVE-2024-46842
CVE-2024-46843
CVE-2024-46846
CVE-2024-46848
CVE-2024-46849
CVE-2024-46851
CVE-2024-46852
CVE-2024-46853
CVE-2024-46854
CVE-2024-46855
CVE-2024-46857
CVE-2024-46859
CVE-2024-46860
CVE-2024-46861
CVE-2024-46864
CVE-2024-46870
CVE-2024-46871
CVE-2024-47658
CVE-2024-47660
CVE-2024-47661
CVE-2024-47662
CVE-2024-47663
CVE-2024-47664
CVE-2024-47665
CVE-2024-47667
CVE-2024-47668
CVE-2024-47669
CVE-2024-47670
CVE-2024-47671
CVE-2024-47672
CVE-2024-47673
CVE-2024-47674
CVE-2024-47675
CVE-2024-47681
CVE-2024-47682
CVE-2024-47684
CVE-2024-47685
CVE-2024-47686
CVE-2024-47687
CVE-2024-47688
CVE-2024-47692
CVE-2024-47693
CVE-2024-47695
CVE-2024-47696
CVE-2024-47697
CVE-2024-47698
CVE-2024-47699
CVE-2024-47702
CVE-2024-47704
CVE-2024-47705
CVE-2024-47706
CVE-2024-47707
CVE-2024-47709
CVE-2024-47710
CVE-2024-47712
CVE-2024-47713
CVE-2024-47714
CVE-2024-47715
CVE-2024-47718
CVE-2024-47719
CVE-2024-47720
CVE-2024-47723
CVE-2024-47727
CVE-2024-47728
CVE-2024-47730
CVE-2024-47731
CVE-2024-47732
CVE-2024-47735
CVE-2024-47737
CVE-2024-47738
CVE-2024-47739
CVE-2024-47741
CVE-2024-47742
CVE-2024-47743
CVE-2024-47744
CVE-2024-47745
CVE-2024-47747
CVE-2024-47748
CVE-2024-47749
CVE-2024-47750
CVE-2024-47751
CVE-2024-47752
CVE-2024-47753
CVE-2024-47754
CVE-2024-47756
CVE-2024-47757
CVE-2024-49850
CVE-2024-49851
CVE-2024-49853
CVE-2024-49855
CVE-2024-49858
CVE-2024-49860
CVE-2024-49861
CVE-2024-49862
CVE-2024-49863
CVE-2024-49864
CVE-2024-49867
CVE-2024-49870
CVE-2024-49871
CVE-2024-49874
CVE-2024-49875
CVE-2024-49877
CVE-2024-49878
CVE-2024-49879
CVE-2024-49882
CVE-2024-49886
CVE-2024-49888
CVE-2024-49890
CVE-2024-49891
CVE-2024-49892
CVE-2024-49896
CVE-2024-49898
CVE-2024-49900
CVE-2024-49902
CVE-2024-49903
CVE-2024-49906
CVE-2024-49907
CVE-2024-49908
CVE-2024-49914
CVE-2024-49917
CVE-2024-49918
CVE-2024-49919
CVE-2024-49920
CVE-2024-49928
CVE-2024-49929
CVE-2024-49930
CVE-2024-49931
CVE-2024-49935
CVE-2024-49936
CVE-2024-49937
CVE-2024-49938
CVE-2024-49939
CVE-2024-49946
CVE-2024-49947
CVE-2024-49949
CVE-2024-49950
CVE-2024-49953
CVE-2024-49954
CVE-2024-49955
CVE-2024-49957
CVE-2024-49958
CVE-2024-49960
CVE-2024-49961
CVE-2024-49962
CVE-2024-49963
CVE-2024-49965
CVE-2024-49966
CVE-2024-49967
CVE-2024-49969
CVE-2024-49972
CVE-2024-49973
CVE-2024-49974
CVE-2024-49981
CVE-2024-49982
CVE-2024-49985
CVE-2024-49986
CVE-2024-49991
CVE-2024-49993
CVE-2024-49995
CVE-2024-49996
CVE-2024-50000
CVE-2024-50001
CVE-2024-50002
CVE-2024-50007
CVE-2024-50008
CVE-2024-50013
CVE-2024-50017
CVE-2024-50019
CVE-2024-50020
CVE-2024-50021
CVE-2024-50022
CVE-2024-50023
CVE-2024-50024
CVE-2024-50025
CVE-2024-50027
CVE-2024-50028
CVE-2024-50031
CVE-2024-50033
CVE-2024-50035
CVE-2024-50040
CVE-2024-50041
CVE-2024-50042
CVE-2024-50044
CVE-2024-50045
CVE-2024-50046
CVE-2024-50047
CVE-2024-50048
CVE-2024-50049
CVE-2024-50055
CVE-2024-50058
CVE-2024-50059
CVE-2024-50060
CVE-2024-50061
CVE-2024-50062
CVE-2024-50063
CVE-2024-50064
CVE-2024-50069
CVE-2024-50073
CVE-2024-50074
CVE-2024-50075
CVE-2024-50076
CVE-2024-50077
CVE-2024-50078
CWE-ID CWE-125
CWE-416
CWE-451
CWE-476
CWE-399
CWE-835
CWE-191
CWE-119
CWE-667
CWE-401
CWE-682
CWE-20
CWE-190
CWE-388
CWE-617
CWE-362
CWE-193
CWE-665
CWE-369
CWE-908
CWE-415
CWE-200
Exploitation vector Network
Public exploit N/A
Vulnerable software
SUSE Real Time Module
Operating systems & Components / Operating system

SUSE Linux Enterprise Live Patching
Operating systems & Components / Operating system

SUSE Linux Enterprise Real Time 15
Operating systems & Components / Operating system

openSUSE Leap
Operating systems & Components / Operating system

SUSE Linux Enterprise Server for SAP Applications 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Server 15
Operating systems & Components / Operating system

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo
Operating systems & Components / Operating system package or component

kernel-livepatch-6_4_0-150600_10_17-rt
Operating systems & Components / Operating system package or component

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource
Operating systems & Components / Operating system package or component

kernel-rt_debug
Operating systems & Components / Operating system package or component

kernel-rt
Operating systems & Components / Operating system package or component

kernel-devel-rt
Operating systems & Components / Operating system package or component

kernel-source-rt
Operating systems & Components / Operating system package or component

kernel-rt-livepatch-devel
Operating systems & Components / Operating system package or component

kernel-syms-rt
Operating systems & Components / Operating system package or component

kernel-rt-devel
Operating systems & Components / Operating system package or component

reiserfs-kmp-rt
Operating systems & Components / Operating system package or component

ocfs2-kmp-rt
Operating systems & Components / Operating system package or component

kernel-rt-vdso
Operating systems & Components / Operating system package or component

kernel-rt_debug-devel
Operating systems & Components / Operating system package or component

kselftests-kmp-rt
Operating systems & Components / Operating system package or component

dlm-kmp-rt
Operating systems & Components / Operating system package or component

kernel-rt_debug-vdso
Operating systems & Components / Operating system package or component

kernel-rt-debuginfo
Operating systems & Components / Operating system package or component

kernel-rt_debug-debuginfo
Operating systems & Components / Operating system package or component

kernel-rt_debug-debugsource
Operating systems & Components / Operating system package or component

kselftests-kmp-rt-debuginfo
Operating systems & Components / Operating system package or component

kernel-rt_debug-vdso-debuginfo
Operating systems & Components / Operating system package or component

gfs2-kmp-rt-debuginfo
Operating systems & Components / Operating system package or component

kernel-rt-optional-debuginfo
Operating systems & Components / Operating system package or component

kernel-rt-extra
Operating systems & Components / Operating system package or component

kernel-rt-extra-debuginfo
Operating systems & Components / Operating system package or component

kernel-rt_debug-livepatch-devel
Operating systems & Components / Operating system package or component

dlm-kmp-rt-debuginfo
Operating systems & Components / Operating system package or component

kernel-rt-debugsource
Operating systems & Components / Operating system package or component

kernel-rt_debug-devel-debuginfo
Operating systems & Components / Operating system package or component

kernel-rt-optional
Operating systems & Components / Operating system package or component

reiserfs-kmp-rt-debuginfo
Operating systems & Components / Operating system package or component

cluster-md-kmp-rt-debuginfo
Operating systems & Components / Operating system package or component

ocfs2-kmp-rt-debuginfo
Operating systems & Components / Operating system package or component

cluster-md-kmp-rt
Operating systems & Components / Operating system package or component

kernel-rt-vdso-debuginfo
Operating systems & Components / Operating system package or component

gfs2-kmp-rt
Operating systems & Components / Operating system package or component

kernel-rt-devel-debuginfo
Operating systems & Components / Operating system package or component

Vendor SUSE

Security Bulletin

This security bulletin contains information about 268 vulnerabilities.

1) Out-of-bounds read

EUVDB-ID: #VU91086

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52766

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the hci_dma_irq_handler() function in drivers/i3c/master/mipi-i3c-hci/dma.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Use-after-free

EUVDB-ID: #VU90071

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52800

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ath11k_htt_pktlog() function in drivers/net/wireless/ath/ath11k/dp_rx.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Spoofing attack

EUVDB-ID: #VU89895

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-52881

CWE-ID: CWE-451 - User Interface (UI) Misrepresentation of Critical Information (Clickjacking, spoofing)

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to an error within the tcp_ack() function in net/ipv4/tcp_input.c, which can result in system accepting ACK responses for bytes that were never sent. A remote attacker can perform spoofing attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) NULL pointer dereference

EUVDB-ID: #VU98973

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52917

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the ndev_init_debugfs() function in drivers/ntb/hw/intel/ntb_hw_gen1.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) NULL pointer dereference

EUVDB-ID: #VU99254

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52918

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the cx23885_video_register() function in drivers/media/pci/cx23885/cx23885-video.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) NULL pointer dereference

EUVDB-ID: #VU99255

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52919

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the send_acknowledge() function in net/nfc/nci/spi.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Use-after-free

EUVDB-ID: #VU91599

Risk: Low

CVSSv4.0: 4.4 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-6270

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the aoecmd_cfg_pkts() function in the ATA over Ethernet (AoE) driver. A local user can trigger a use-after-free error and escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Resource management error

EUVDB-ID: #VU93873

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26758

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources in drivers/md/md.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Resource management error

EUVDB-ID: #VU93779

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26761

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the __cxl_hdm_decode_init() function in drivers/cxl/core/pci.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Infinite loop

EUVDB-ID: #VU91415

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26767

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop within the link_validate_dpia_bandwidth() function in drivers/gpu/drm/amd/display/dc/link/link_validation.c, within the get_firmware_info_v3_2(), get_integrated_info_v11(), get_integrated_info_v2_1() and get_integrated_info_v2_2() functions in drivers/gpu/drm/amd/display/dc/bios/bios_parser2.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) NULL pointer dereference

EUVDB-ID: #VU90527

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26943

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the nouveau_dmem_evict_chunk() function in drivers/gpu/drm/nouveau/nouveau_dmem.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Resource management error

EUVDB-ID: #VU93842

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-27026

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the vmxnet3_process_xdp() function in drivers/net/vmxnet3/vmxnet3_xdp.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Use-after-free

EUVDB-ID: #VU90178

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-27043

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the dvb_register_device() function in drivers/media/dvb-core/dvbdev.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Integer underflow

EUVDB-ID: #VU91667

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-35980

CWE-ID: CWE-191 - Integer underflow

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to integer underflow within the arch/arm64/include/asm/tlbflush.h. A local user can execute arbitrary code.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Resource management error

EUVDB-ID: #VU93252

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36244

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the parse_taprio_schedule() function in net/sched/sch_taprio.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Buffer overflow

EUVDB-ID: #VU92377

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38576

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the kernel/rcu/tree_stall.h. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Buffer overflow

EUVDB-ID: #VU92378

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38577

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the kernel/rcu/tasks.h. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Out-of-bounds read

EUVDB-ID: #VU92319

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38599

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the do_jffs2_setxattr() function in fs/jffs2/xattr.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Out-of-bounds read

EUVDB-ID: #VU94837

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-41016

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the ocfs2_xattr_find_entry() function in fs/ocfs2/xattr.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Resource management error

EUVDB-ID: #VU95070

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-41031

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the do_sync_mmap_readahead() function in mm/filemap.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) Improper locking

EUVDB-ID: #VU94994

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-41047

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the i40e_xdp_setup() function in drivers/net/ethernet/intel/i40e/i40e_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) Resource management error

EUVDB-ID: #VU95073

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-41082

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the nvmf_reg_read32(), nvmf_reg_read64() and nvmf_reg_write32() functions in drivers/nvme/host/fabrics.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

23) Buffer overflow

EUVDB-ID: #VU95054

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-42145

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the MODULE_AUTHOR(), __get_agent(), send_handler(), recv_handler() and ib_umad_read() functions in drivers/infiniband/core/user_mad.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

24) Use-after-free

EUVDB-ID: #VU96516

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-44932

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the idpf_vport_intr_napi_dis_all() and idpf_vport_intr_rel() functions in drivers/net/ethernet/intel/idpf/idpf_txrx.c, within the idpf_vport_stop(), idpf_vport_open() and idpf_send_map_unmap_queue_vector_msg() functions in drivers/net/ethernet/intel/idpf/idpf_lib.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

25) Resource management error

EUVDB-ID: #VU96880

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-44958

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the sched_cpu_deactivate() function in kernel/sched/core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

26) Memory leak

EUVDB-ID: #VU96831

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-44964

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the idpf_rx_init_buf_tail(), idpf_vport_open(), idpf_init_task(), idpf_initiate_soft_reset() and idpf_open() functions in drivers/net/ethernet/intel/idpf/idpf_lib.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

27) Use-after-free

EUVDB-ID: #VU97169

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-45016

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the netem_enqueue() function in net/sched/sch_netem.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

28) Incorrect calculation

EUVDB-ID: #VU97193

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-45025

CWE-ID: CWE-682 - Incorrect Calculation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to incorrect calculation within the free_fdtable_rcu(), copy_fdtable() and dup_fd() functions in fs/file.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

29) Improper locking

EUVDB-ID: #VU97266

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46678

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the bond_ipsec_add_sa(), bond_ipsec_add_sa_all(), bond_ipsec_del_sa(), bond_ipsec_del_sa_all(), bond_setup() and bond_uninit() functions in drivers/net/bonding/bond_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

30) NULL pointer dereference

EUVDB-ID: #VU97532

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46721

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the __aafs_profile_mkdir() function in security/apparmor/apparmorfs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

31) Input validation error

EUVDB-ID: #VU97566

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46754

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the net/core/filter.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

32) Out-of-bounds read

EUVDB-ID: #VU97506

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46766

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the ice_napi_add(), ice_reinit_interrupt_scheme(), ice_suspend() and ice_vsi_open() functions in drivers/net/ethernet/intel/ice/ice_main.c, within the ice_vsi_cfg_def(), ice_vsi_close() and ice_dis_vsi() functions in drivers/net/ethernet/intel/ice/ice_lib.c, within the ice_free_q_vector() function in drivers/net/ethernet/intel/ice/ice_base.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

33) NULL pointer dereference

EUVDB-ID: #VU97520

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46770

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the ice_prepare_for_reset(), ice_update_pf_netdev_link() and ice_rebuild() functions in drivers/net/ethernet/intel/ice/ice_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

34) Input validation error

EUVDB-ID: #VU97568

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46775

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the perform_link_training_with_retries() function in drivers/gpu/drm/amd/display/dc/link/protocols/link_dp_training.c, within the hubbub2_program_watermarks() function in drivers/gpu/drm/amd/display/dc/dcn20/dcn20_hubbub.c, within the dc_dmub_srv_cmd_run_list() and dc_dmub_srv_get_visual_confirm_color_cmd() functions in drivers/gpu/drm/amd/display/dc/dc_dmub_srv.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

35) Integer overflow

EUVDB-ID: #VU97550

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46777

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to integer overflow within the udf_fill_partdesc_info() function in fs/udf/super.c. A local user can execute arbitrary code.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

36) NULL pointer dereference

EUVDB-ID: #VU97515

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46797

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the barrier() function in arch/powerpc/lib/qspinlock.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

37) Input validation error

EUVDB-ID: #VU97838

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46802

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the resource_build_bit_depth_reduction_params() function in drivers/gpu/drm/amd/display/dc/core/dc_resource.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

38) NULL pointer dereference

EUVDB-ID: #VU97792

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46803

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the debug_event_write_work_handler() and kfd_dbg_trap_disable() functions in drivers/gpu/drm/amd/amdkfd/kfd_debug.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

39) Resource management error

EUVDB-ID: #VU97827

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46804

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the read() and write() functions in drivers/gpu/drm/amd/display/modules/hdcp/hdcp_ddc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

40) NULL pointer dereference

EUVDB-ID: #VU97793

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46805

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the psp_xgmi_reflect_topology_info() function in drivers/gpu/drm/amd/amdgpu/amdgpu_psp.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

41) Resource management error

EUVDB-ID: #VU97828

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46806

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the aqua_vanjaram_switch_partition_mode() function in drivers/gpu/drm/amd/amdgpu/aqua_vanjaram.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

42) NULL pointer dereference

EUVDB-ID: #VU97794

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46807

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the amdgpu_device_recover_vram() function in drivers/gpu/drm/amd/amdgpu/amdgpu_device.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

43) Improper error handling

EUVDB-ID: #VU97813

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46809

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the get_ss_info_v3_1(), get_ss_info_from_internal_ss_info_tbl_V2_1(), get_ss_info_from_ss_info_table(), get_ss_entry_number_from_ss_info_tbl(), get_ss_entry_number_from_internal_ss_info_tbl_v2_1() and get_ss_entry_number_from_internal_ss_info_tbl_V3_1() functions in drivers/gpu/drm/amd/display/dc/bios/bios_parser.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

44) NULL pointer dereference

EUVDB-ID: #VU97796

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46810

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the tc_irq_handler() function in drivers/gpu/drm/bridge/tc358767.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

45) Reachable assertion

EUVDB-ID: #VU97812

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46811

CWE-ID: CWE-617 - Reachable Assertion

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to reachable assertion within the dcn321_update_bw_bounding_box_fpu() function in drivers/gpu/drm/amd/display/dc/dml/dcn321/dcn321_fpu.c, within the dcn32_update_bw_bounding_box_fpu() function in drivers/gpu/drm/amd/display/dc/dml/dcn32/dcn32_fpu.c, within the dcn303_fpu_update_bw_bounding_box() function in drivers/gpu/drm/amd/display/dc/dml/dcn303/dcn303_fpu.c, within the dcn302_fpu_update_bw_bounding_box() function in drivers/gpu/drm/amd/display/dc/dml/dcn302/dcn302_fpu.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

46) Input validation error

EUVDB-ID: #VU97845

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46812

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the ModeSupportAndSystemConfiguration() function in drivers/gpu/drm/amd/display/dc/dml/display_mode_vba.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

47) Out-of-bounds read

EUVDB-ID: #VU97785

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46813

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the dc_get_link_at_index() function in drivers/gpu/drm/amd/display/dc/core/dc_link_exports.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

48) Input validation error

EUVDB-ID: #VU97844

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46814

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the hdmi_14_process_transaction() and dp_11_process_transaction() functions in drivers/gpu/drm/amd/display/dc/hdcp/hdcp_msg.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

49) Input validation error

EUVDB-ID: #VU97843

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46815

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the build_watermark_ranges() function in drivers/gpu/drm/amd/display/dc/clk_mgr/dcn21/rn_clk_mgr.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

50) Resource management error

EUVDB-ID: #VU97829

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46816

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the amdgpu_dm_initialize_drm_device() function in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

51) Resource management error

EUVDB-ID: #VU97830

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46817

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the amdgpu_dm_initialize_drm_device() function in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

52) Input validation error

EUVDB-ID: #VU97842

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46818

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the is_pin_busy(), set_pin_busy(), set_pin_free(), dal_gpio_service_lock() and dal_gpio_service_unlock() functions in drivers/gpu/drm/amd/display/dc/gpio/gpio_service.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

53) NULL pointer dereference

EUVDB-ID: #VU97797

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46819

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the nbio_v7_4_handle_ras_controller_intr_no_bifring() function in drivers/gpu/drm/amd/amdgpu/nbio_v7_4.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

54) Input validation error

EUVDB-ID: #VU97841

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46821

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the navi10_get_current_clk_freq_by_table(), navi10_emit_clk_levels(), navi10_print_clk_levels() and navi10_force_clk_levels() functions in drivers/gpu/drm/amd/pm/swsmu/smu11/navi10_ppt.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

55) Input validation error

EUVDB-ID: #VU97840

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46825

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the drivers/net/wireless/intel/iwlwifi/mvm/mvm.h. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

56) Input validation error

EUVDB-ID: #VU97839

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46826

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the fs/binfmt_elf.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

57) Input validation error

EUVDB-ID: #VU97811

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46827

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the ath12k_station_assoc() function in drivers/net/wireless/ath/ath12k/mac.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

58) Out-of-bounds read

EUVDB-ID: #VU97786

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46828

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the net/sched/sch_cake.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

59) Improper locking

EUVDB-ID: #VU97804

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46830

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the kvm_arch_vcpu_ioctl() function in arch/x86/kvm/x86.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

60) Use-after-free

EUVDB-ID: #VU97778

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46831

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the vcap_api_encode_rule_test() function in drivers/net/ethernet/microchip/vcap/vcap_api_kunit.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

61) Out-of-bounds read

EUVDB-ID: #VU97789

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46834

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the ethtool_set_channels() function in net/ethtool/ioctl.c, within the ethtool_get_max_rxfh_channel() function in net/ethtool/common.c, within the ethnl_set_channels() function in net/ethtool/channels.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

62) Resource management error

EUVDB-ID: #VU97831

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46835

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the gfx_v11_0_hw_init() function in drivers/gpu/drm/amd/amdgpu/gfx_v11_0.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

63) Input validation error

EUVDB-ID: #VU97837

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46836

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the ast_udc_getstatus() function in drivers/usb/gadget/udc/aspeed_udc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

64) Improper locking

EUVDB-ID: #VU97808

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46840

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the reada_walk_down(), walk_down_proc(), do_walk_down() and walk_up_proc() functions in fs/btrfs/extent-tree.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

65) Improper error handling

EUVDB-ID: #VU97814

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46841

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the walk_down_proc() function in fs/btrfs/extent-tree.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

66) Use-after-free

EUVDB-ID: #VU97779

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46842

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the lpfc_get_sfp_info_wait() function in drivers/scsi/lpfc/lpfc_els.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

67) Resource management error

EUVDB-ID: #VU97832

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46843

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the ufshcd_remove(), ufshcd_init() and blk_mq_free_tag_set() functions in drivers/ufs/core/ufshcd.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

68) Improper error handling

EUVDB-ID: #VU97815

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46846

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the rockchip_spi_suspend() and rockchip_spi_resume() functions in drivers/spi/spi-rockchip.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

69) Infinite loop

EUVDB-ID: #VU97820

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46848

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop within the adl_get_hybrid_cpu_type() and intel_pmu_init() functions in arch/x86/events/intel/core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

70) Use-after-free

EUVDB-ID: #VU97781

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46849

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the axg_card_add_tdm_loopback() function in sound/soc/meson/axg-card.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

71) Race condition

EUVDB-ID: #VU97824

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46851

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition within the dcn10_set_drr() function in drivers/gpu/drm/amd/display/dc/hwss/dcn10/dcn10_hwseq.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

72) Off-by-one

EUVDB-ID: #VU97818

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46852

CWE-ID: CWE-193 - Off-by-one Error

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an off-by-one error within the cma_heap_vm_fault() function in drivers/dma-buf/heaps/cma_heap.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

73) Use-after-free

EUVDB-ID: #VU97782

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46853

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the nxp_fspi_fill_txfifo() function in drivers/spi/spi-nxp-fspi.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

74) Memory leak

EUVDB-ID: #VU97776

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46854

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the dpaa_start_xmit() function in drivers/net/ethernet/freescale/dpaa/dpaa_eth.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

75) Memory leak

EUVDB-ID: #VU97777

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46855

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the nft_socket_eval() function in net/netfilter/nft_socket.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243986-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

76) NULL pointer dereference

EUVDB-ID: #VU97801

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46857

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the mlx5_eswitch_set_vepa() and mlx5_eswitch_get_vepa() functions in drivers/net/ethernet/mellanox/mlx5/core/esw/legacy.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_17-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.17.1

kernel-rt: before 6.4.0-150600.10.17.1

kernel-devel-rt: before 6.4.0-150600.10.17.1

kernel-source-rt: before 6.4.0-150600.10.17.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.17.1

kernel-syms-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel: before 6.4.0-150600.10.17.1

kselftests-kmp-rt: before 6.4.0-150600.10.17.1

dlm-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.17.1

kernel-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.17.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-extra: before 6.4.0-150600.10.17.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt_debug-livepatch-devel: before 6.4.0-150600.10.17.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-debugsource: before 6.4.0-150600.10.17.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.17.1

kernel-rt-optional: before 6.4.0-150600.10.17.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.17.1

cluster-md-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.17.1

gfs2-kmp-rt: before 6.4.0-150600.10.17.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.17.1

CPE2.3