SUSE update for the Linux Kernel



Updated: 2025-02-05
Risk: High
Patch available: YES
Number of vulnerabilities: 241
CVE-ID: CVE-2023-52778
CVE-2023-52920
CVE-2023-52921
CVE-2023-52922
CVE-2024-26596
CVE-2024-26703
CVE-2024-26741
CVE-2024-26782
CVE-2024-26864
CVE-2024-26953
CVE-2024-27017
CVE-2024-27407
CVE-2024-35888
CVE-2024-36000
CVE-2024-36031
CVE-2024-36484
CVE-2024-36883
CVE-2024-36886
CVE-2024-36905
CVE-2024-36920
CVE-2024-36927
CVE-2024-36954
CVE-2024-36968
CVE-2024-38589
CVE-2024-40914
CVE-2024-41023
CVE-2024-42102
CVE-2024-44995
CVE-2024-46680
CVE-2024-46681
CVE-2024-46765
CVE-2024-46788
CVE-2024-46800
CVE-2024-46828
CVE-2024-46845
CVE-2024-47666
CVE-2024-47679
CVE-2024-47701
CVE-2024-47703
CVE-2024-49852
CVE-2024-49866
CVE-2024-49868
CVE-2024-49881
CVE-2024-49883
CVE-2024-49884
CVE-2024-49894
CVE-2024-49895
CVE-2024-49897
CVE-2024-49899
CVE-2024-49901
CVE-2024-49905
CVE-2024-49908
CVE-2024-49909
CVE-2024-49911
CVE-2024-49912
CVE-2024-49913
CVE-2024-49921
CVE-2024-49922
CVE-2024-49923
CVE-2024-49925
CVE-2024-49933
CVE-2024-49934
CVE-2024-49944
CVE-2024-49945
CVE-2024-49952
CVE-2024-49959
CVE-2024-49968
CVE-2024-49975
CVE-2024-49976
CVE-2024-49983
CVE-2024-49987
CVE-2024-49989
CVE-2024-50003
CVE-2024-50004
CVE-2024-50006
CVE-2024-50009
CVE-2024-50012
CVE-2024-50014
CVE-2024-50015
CVE-2024-50026
CVE-2024-50067
CVE-2024-50080
CVE-2024-50081
CVE-2024-50082
CVE-2024-50084
CVE-2024-50087
CVE-2024-50088
CVE-2024-50089
CVE-2024-50093
CVE-2024-50095
CVE-2024-50096
CVE-2024-50098
CVE-2024-50099
CVE-2024-50100
CVE-2024-50101
CVE-2024-50102
CVE-2024-50103
CVE-2024-50108
CVE-2024-50110
CVE-2024-50115
CVE-2024-50116
CVE-2024-50117
CVE-2024-50121
CVE-2024-50124
CVE-2024-50125
CVE-2024-50127
CVE-2024-50128
CVE-2024-50130
CVE-2024-50131
CVE-2024-50134
CVE-2024-50135
CVE-2024-50136
CVE-2024-50138
CVE-2024-50139
CVE-2024-50141
CVE-2024-50145
CVE-2024-50146
CVE-2024-50147
CVE-2024-50148
CVE-2024-50150
CVE-2024-50153
CVE-2024-50154
CVE-2024-50155
CVE-2024-50156
CVE-2024-50157
CVE-2024-50158
CVE-2024-50159
CVE-2024-50160
CVE-2024-50166
CVE-2024-50167
CVE-2024-50169
CVE-2024-50171
CVE-2024-50172
CVE-2024-50175
CVE-2024-50176
CVE-2024-50177
CVE-2024-50179
CVE-2024-50180
CVE-2024-50181
CVE-2024-50182
CVE-2024-50183
CVE-2024-50184
CVE-2024-50186
CVE-2024-50187
CVE-2024-50188
CVE-2024-50189
CVE-2024-50192
CVE-2024-50194
CVE-2024-50195
CVE-2024-50196
CVE-2024-50198
CVE-2024-50200
CVE-2024-50201
CVE-2024-50205
CVE-2024-50208
CVE-2024-50209
CVE-2024-50210
CVE-2024-50215
CVE-2024-50216
CVE-2024-50218
CVE-2024-50221
CVE-2024-50224
CVE-2024-50225
CVE-2024-50228
CVE-2024-50229
CVE-2024-50230
CVE-2024-50231
CVE-2024-50232
CVE-2024-50233
CVE-2024-50234
CVE-2024-50235
CVE-2024-50236
CVE-2024-50237
CVE-2024-50240
CVE-2024-50245
CVE-2024-50246
CVE-2024-50248
CVE-2024-50249
CVE-2024-50250
CVE-2024-50252
CVE-2024-50255
CVE-2024-50257
CVE-2024-50261
CVE-2024-50264
CVE-2024-50265
CVE-2024-50267
CVE-2024-50268
CVE-2024-50269
CVE-2024-50271
CVE-2024-50273
CVE-2024-50274
CVE-2024-50275
CVE-2024-50276
CVE-2024-50279
CVE-2024-50282
CVE-2024-50287
CVE-2024-50289
CVE-2024-50290
CVE-2024-50292
CVE-2024-50295
CVE-2024-50296
CVE-2024-50298
CVE-2024-50301
CVE-2024-50302
CVE-2024-53042
CVE-2024-53043
CVE-2024-53045
CVE-2024-53048
CVE-2024-53051
CVE-2024-53052
CVE-2024-53055
CVE-2024-53056
CVE-2024-53058
CVE-2024-53059
CVE-2024-53060
CVE-2024-53061
CVE-2024-53063
CVE-2024-53066
CVE-2024-53068
CVE-2024-53072
CVE-2024-53074
CVE-2024-53076
CVE-2024-53079
CVE-2024-53081
CVE-2024-53082
CVE-2024-53085
CVE-2024-53088
CVE-2024-53093
CVE-2024-53094
CVE-2024-53095
CVE-2024-53096
CVE-2024-53100
CVE-2024-53101
CVE-2024-53104
CVE-2024-53106
CVE-2024-53108
CVE-2024-53110
CVE-2024-53112
CVE-2024-53114
CVE-2024-53121
CVE-2024-53138
CWE-ID: CWE-119
CWE-476
CWE-416
CWE-125
CWE-399
CWE-415
CWE-200
CWE-682
CWE-908
CWE-617
CWE-20
CWE-362
CWE-401
CWE-369
CWE-667
CWE-388
CWE-190
CWE-835
CWE-665
CWE-404
CWE-191
CWE-787
Exploitation vector: Network
Public exploit: Vulnerability #234 is being exploited in the wild.
Vulnerable software
SUSE Real Time Module
Operating systems & Components / Operating system

SUSE Linux Enterprise Live Patching
Operating systems & Components / Operating system

SUSE Linux Enterprise Real Time 15
Operating systems & Components / Operating system

openSUSE Leap
Operating systems & Components / Operating system

SUSE Linux Enterprise Server for SAP Applications 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Server 15
Operating systems & Components / Operating system

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo
Operating systems & Components / Operating system package or component

kernel-livepatch-6_4_0-150600_10_20-rt
Operating systems & Components / Operating system package or component

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource
Operating systems & Components / Operating system package or component

kernel-rt_debug
Operating systems & Components / Operating system package or component

kernel-rt
Operating systems & Components / Operating system package or component

kernel-source-rt
Operating systems & Components / Operating system package or component

kernel-devel-rt
Operating systems & Components / Operating system package or component

kernel-rt-livepatch-devel
Operating systems & Components / Operating system package or component

cluster-md-kmp-rt-debuginfo
Operating systems & Components / Operating system package or component

gfs2-kmp-rt
Operating systems & Components / Operating system package or component

dlm-kmp-rt-debuginfo
Operating systems & Components / Operating system package or component

kselftests-kmp-rt
Operating systems & Components / Operating system package or component

kernel-rt-debuginfo
Operating systems & Components / Operating system package or component

kernel-syms-rt
Operating systems & Components / Operating system package or component

kernel-rt-optional-debuginfo
Operating systems & Components / Operating system package or component

kernel-rt-vdso-debuginfo
Operating systems & Components / Operating system package or component

kernel-rt-vdso
Operating systems & Components / Operating system package or component

kernel-rt_debug-vdso-debuginfo
Operating systems & Components / Operating system package or component

kernel-rt-extra-debuginfo
Operating systems & Components / Operating system package or component

reiserfs-kmp-rt-debuginfo
Operating systems & Components / Operating system package or component

kernel-rt-extra
Operating systems & Components / Operating system package or component

kernel-rt-optional
Operating systems & Components / Operating system package or component

kernel-rt_debug-debuginfo
Operating systems & Components / Operating system package or component

dlm-kmp-rt
Operating systems & Components / Operating system package or component

kernel-rt-devel-debuginfo
Operating systems & Components / Operating system package or component

reiserfs-kmp-rt
Operating systems & Components / Operating system package or component

kernel-rt_debug-devel-debuginfo
Operating systems & Components / Operating system package or component

kernel-rt-debugsource
Operating systems & Components / Operating system package or component

ocfs2-kmp-rt
Operating systems & Components / Operating system package or component

ocfs2-kmp-rt-debuginfo
Operating systems & Components / Operating system package or component

kernel-rt_debug-devel
Operating systems & Components / Operating system package or component

gfs2-kmp-rt-debuginfo
Operating systems & Components / Operating system package or component

cluster-md-kmp-rt
Operating systems & Components / Operating system package or component

kernel-rt-devel
Operating systems & Components / Operating system package or component

kernel-rt_debug-vdso
Operating systems & Components / Operating system package or component

kselftests-kmp-rt-debuginfo
Operating systems & Components / Operating system package or component

kernel-rt_debug-debugsource
Operating systems & Components / Operating system package or component

Vendor: SUSE

Security Bulletin

This security bulletin contains information about 241 vulnerabilities.

1) Buffer overflow

EUVDB-ID: #VU93169

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52778

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the mptcp_update_infinite_map() and mptcp_sendmsg_frag() functions in net/mptcp/protocol.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) NULL pointer dereference

EUVDB-ID: #VU99770

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52920

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the BPF_MOV64_REG() and BPF_RAW_INSN() functions in tools/testing/selftests/bpf/verifier/precise.c, within the subprog_spill_reg_precise() function in tools/testing/selftests/bpf/progs/verifier_subprog_precision.c, and within the copy_verifier_state(), check_reg_arg(), is_jmp_point(), bt_is_reg_set(), calls_callback(), backtrack_insn(), __mark_chain_precision(), check_stack_write_fixed_off(), check_stack_read_fixed_off(), check_atomic(), push_jmp_history() and do_check() functions in kernel/bpf/verifier.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Use-after-free

EUVDB-ID: #VU100617

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52921

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the amdgpu_cs_pass1() function in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Use-after-free

EUVDB-ID: #VU101033

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52922

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the bcm_release() function in net/can/bcm.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Out-of-bounds read

EUVDB-ID: #VU90362

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26596

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the EXPORT_SYMBOL_GPL() and dsa_user_changeupper() functions in net/dsa/user.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) NULL pointer dereference

EUVDB-ID: #VU90606

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26703

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the timerlat_fd_open() and timerlat_fd_read() functions in kernel/trace/trace_osnoise.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Resource management error

EUVDB-ID: #VU93259

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26741

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within net/ipv4/inet_hashtables.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Double free

EUVDB-ID: #VU90927

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26782

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a double free error within the mptcp_inet6_sk() and mptcp_sk_clone() functions in net/mptcp/protocol.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Information disclosure

EUVDB-ID: #VU91364

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26864

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the sock_prot_inuse_add() function in net/ipv4/inet_hashtables.c. A local user can gain access to sensitive information.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Information disclosure

EUVDB-ID: #VU91359

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26953

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the esp_req_sg(), esp_ssg_unref(), esp_output_done() and esp6_output_tail() functions in net/ipv6/esp6.c, and within the esp_req_sg(), esp_ssg_unref(), esp_output_done() and esp_output_tail() functions in net/ipv4/esp4.c. A local user can gain access to sensitive information.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Incorrect calculation

EUVDB-ID: #VU93615

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-27017

CWE-ID: CWE-682 - Incorrect Calculation

Exploit availability: No

Description

The vulnerability allows a local user to manipulate data.

The vulnerability exists due to incorrect calculation within the nft_pipapo_walk() function in net/netfilter/nft_set_pipapo.c, and within the nft_map_deactivate(), nf_tables_bind_set(), nft_map_activate(), nf_tables_dump_set(), nft_set_flush() and nf_tables_check_loops() functions in net/netfilter/nf_tables_api.c. A local user can manipulate data.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Buffer overflow

EUVDB-ID: #VU93624

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-27407

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the mi_enum_attr() function in fs/ntfs3/record.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Use of uninitialized resource

EUVDB-ID: #VU90873

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-35888

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of uninitialized resource within the ip6erspan_rcv() function in net/ipv6/ip6_gre.c, and within the erspan_rcv() function in net/ipv4/ip_gre.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Reachable Assertion

EUVDB-ID: #VU90907

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36000

CWE-ID: CWE-617 - Reachable Assertion

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to reachable assertion within the alloc_huge_page() function in mm/hugetlb.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Input validation error

EUVDB-ID: #VU94121

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36031

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the __key_instantiate_and_link() function in security/keys/key.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Reachable assertion

EUVDB-ID: #VU93039

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36484

CWE-ID: CWE-617 - Reachable Assertion

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to reachable assertion within the __inet_accept() function in net/ipv4/af_inet.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Out-of-bounds read

EUVDB-ID: #VU90272

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36883

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the net_alloc_generic() and register_pernet_operations() functions in net/core/net_namespace.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Use-after-free

EUVDB-ID: #VU90049

Risk: High

CVSSv4.0: 7.2 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2024-36886

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to a use-after-free error within the tipc_buf_append() function in net/tipc/msg.c when processing fragmented TIPC messages. A remote attacker can send specially crafted packets to the system, trigger a use-after-free error and execute arbitrary code on the system in the context of the kernel.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Race condition

EUVDB-ID: #VU93375

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36905

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a race condition within the tcp_send_fin() function in net/ipv4/tcp_output.c, within the tcp_rcv_state_process() function in net/ipv4/tcp_input.c, and within the tcp_shutdown() and __tcp_close() functions in net/ipv4/tcp.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Buffer overflow

EUVDB-ID: #VU93238

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36920

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the mpi3mr_bsg_process_mpt_cmds() function in drivers/scsi/mpi3mr/mpi3mr_app.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) Use of uninitialized resource

EUVDB-ID: #VU90863

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36927

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of an uninitialized resource within the raw_sendmsg() function in net/ipv4/raw.c and within the __ip_make_skb() function in net/ipv4/ip_output.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) Memory leak

EUVDB-ID: #VU90431

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36954

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the tipc_buf_append() function in net/tipc/msg.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

23) Division by zero

EUVDB-ID: #VU92008

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36968

CWE-ID: CWE-369 - Divide By Zero

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a division by zero error within the sco_sock_clear_timer() and sco_conn_add() functions in net/bluetooth/sco.c, within the l2cap_finish_move(), l2cap_rx_state_wait_f() and l2cap_conn_add() functions in net/bluetooth/l2cap_core.c, within the iso_sock_sendmsg() function in net/bluetooth/iso.c, within the hci_cc_read_buffer_size(), hci_cc_le_read_buffer_size(), hci_cs_create_conn(), hci_conn_complete_evt(), hci_conn_request_evt(), hci_cc_le_read_buffer_size_v2(), le_conn_complete_evt(), hci_le_cis_req_evt(), hci_le_big_sync_established_evt() and hci_le_big_info_adv_report_evt() functions in net/bluetooth/hci_event.c, and within the hci_conn_add(), hci_conn_add_unset(), hci_connect_le(), hci_add_bis(), hci_connect_le_scan(), hci_connect_acl(), hci_connect_sco(), hci_bind_cis() and hci_iso_qos_setup() functions in net/bluetooth/hci_conn.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

24) Improper locking

EUVDB-ID: #VU92365

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38589

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the nr_add_node() and nr_del_node() functions in net/netrom/nr_route.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

25) Improper error handling

EUVDB-ID: #VU94291

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-40914

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the unpoison_memory() function in mm/memory-failure.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

26) Memory leak

EUVDB-ID: #VU94924

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-41023

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the enqueue_task_dl() function in kernel/sched/deadline.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

27) Integer overflow

EUVDB-ID: #VU95034

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-42102

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to an integer overflow within the wb_dirty_limits() function in mm/page-writeback.c. A local user can execute arbitrary code.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

28) Improper locking

EUVDB-ID: #VU96855

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-44995

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the hns3_reset_notify_uninit_enet() function in drivers/net/ethernet/hisilicon/hns3/hns3_enet.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

29) Input validation error

EUVDB-ID: #VU97270

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46680

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the ps_wakeup(), btnxpuart_close() and nxp_serdev_remove() functions in drivers/bluetooth/btnxpuart.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

30) Infinite loop

EUVDB-ID: #VU97278

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46681

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an infinite loop within the pktgen_thread_worker() and pg_net_init() functions in net/core/pktgen.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

31) NULL pointer dereference

EUVDB-ID: #VU97522

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46765

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the ice_xsk_pool_setup() function in drivers/net/ethernet/intel/ice/ice_xsk.c, within the ice_clear_hw_tbls(), ice_xdp_setup_prog() and ice_xdp() functions in drivers/net/ethernet/intel/ice/ice_main.c, and within the ice_vsi_free(), ice_vsi_alloc() and ice_vsi_rebuild() functions in drivers/net/ethernet/intel/ice/ice_lib.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

32) NULL pointer dereference

EUVDB-ID: #VU97517

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46788

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the osnoise_migration_pending(), stop_kthread(), start_kthread() and start_per_cpu_kthreads() functions in kernel/trace/trace_osnoise.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

33) Use-after-free

EUVDB-ID: #VU97501

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46800

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the qdisc_enqueue() function in net/sched/sch_netem.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

34) Out-of-bounds read

EUVDB-ID: #VU97786

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46828

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within net/sched/sch_cake.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

35) Use-after-free

EUVDB-ID: #VU97780

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46845

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the this_cpu_tmr_var() and timerlat_fd_release() functions in kernel/trace/trace_osnoise.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

36) Improper locking

EUVDB-ID: #VU98366

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-47666

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the pm8001_phy_control() function in drivers/scsi/pm8001/pm8001_sas.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

37) Improper locking

EUVDB-ID: #VU99031

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-47679

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the spin_lock() function in fs/inode.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

38) Use-after-free

EUVDB-ID: #VU98898

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-47701

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ext4_find_inline_entry() function in fs/ext4/inline.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

39) Incorrect calculation

EUVDB-ID: #VU99189

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-47703

CWE-ID: CWE-682 - Incorrect Calculation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an incorrect calculation within the mark_reg_unknown(), check_packet_access(), check_ctx_access(), check_stack_access_within_bounds(), check_mem_access() and check_return_code() functions in kernel/bpf/verifier.c, within the btf_ctx_access() function in kernel/bpf/btf.c, and within the BTF_SET_START() function in kernel/bpf/bpf_lsm.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

40) Use-after-free

EUVDB-ID: #VU98891

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-49852

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the efc_nport_vport_del() function in drivers/scsi/elx/libefc/efc_nport.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

41) Resource management error

EUVDB-ID: #VU99146

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-49866

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the osnoise_hotplug_workfn() function in kernel/trace/trace_osnoise.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

42) NULL pointer dereference

EUVDB-ID: #VU98969

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-49868

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the btrfs_update_reloc_root() function in fs/btrfs/relocation.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

43) Memory leak

EUVDB-ID: #VU98852

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-49881

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the get_ext_path() function in fs/ext4/move_extent.c, and within the ext4_find_extent() and ext4_split_extent_at() functions in fs/ext4/extents.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

44) Use-after-free

EUVDB-ID: #VU98866

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-49883

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within fs/ext4/extents.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

45) Use-after-free

EUVDB-ID: #VU98867

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-49884

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ext4_split_extent_at() and ext4_ext_dirty() functions in fs/ext4/extents.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

46) Out-of-bounds read

EUVDB-ID: #VU98912

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-49894

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the cm_helper_translate_curve_to_degamma_hw_format() function in drivers/gpu/drm/amd/display/dc/dcn10/dcn10_cm_common.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

47) Out-of-bounds read

EUVDB-ID: #VU98911

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-49895

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the cm3_helper_translate_curve_to_degamma_hw_format() function in drivers/gpu/drm/amd/display/dc/dcn30/dcn30_cm_common.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

48) Improper error handling

EUVDB-ID: #VU99072

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-49897

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the dcn32_add_phantom_pipes() function in drivers/gpu/drm/amd/display/dc/resource/dcn32/dcn32_resource.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

49) Input validation error

EUVDB-ID: #VU99225

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-49899

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the CalculateVMGroupAndRequestTimes() function in drivers/gpu/drm/amd/display/dc/dml2/dml21/src/dml2_core/dml2_core_shared.c, within the get_bytes_per_element() function in drivers/gpu/drm/amd/display/dc/dml/dml1_display_rq_dlg_calc.c, and within the calculate_ttu_cursor() function in drivers/gpu/drm/amd/display/dc/dml/dcn20/display_rq_dlg_calc_20.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

50) NULL pointer dereference

EUVDB-ID: #VU98960

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-49901

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the msm_gpu_init() function in drivers/gpu/drm/msm/msm_gpu.c and within the adreno_gpu_init() function in drivers/gpu/drm/msm/adreno/adreno_gpu.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

51) NULL pointer dereference

EUVDB-ID: #VU98958

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-49905

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the handle_cursor_update() function in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_plane.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

52) NULL pointer dereference

EUVDB-ID: #VU98939

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-49908

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the amdgpu_dm_update_cursor() function in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

53) NULL pointer dereference

EUVDB-ID: #VU98938

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-49909

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the dcn32_set_output_transfer_func() function in drivers/gpu/drm/amd/display/dc/hwss/dcn32/dcn32_hwseq.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

54) NULL pointer dereference

EUVDB-ID: #VU98936

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-49911

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the dcn20_set_output_transfer_func() function in drivers/gpu/drm/amd/display/dc/hwss/dcn20/dcn20_hwseq.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

55) NULL pointer dereference

EUVDB-ID: #VU98935

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-49912

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the planes_changed_for_existing_stream() function in drivers/gpu/drm/amd/display/dc/core/dc_resource.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

56) NULL pointer dereference

EUVDB-ID: #VU98934

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-49913

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the commit_planes_for_stream() function in drivers/gpu/drm/amd/display/dc/core/dc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

57) NULL pointer dereference

EUVDB-ID: #VU98926

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-49921

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the dp_verify_link_cap_with_retries() function in drivers/gpu/drm/amd/display/dc/link/protocols/link_dp_capability.c, the dcn35_init_hw() and dcn35_calc_blocks_to_gate() functions in drivers/gpu/drm/amd/display/dc/hwss/dcn35/dcn35_hwseq.c, the dcn31_init_hw() function in drivers/gpu/drm/amd/display/dc/hwss/dcn31/dcn31_hwseq.c, the dcn10_init_hw() function in drivers/gpu/drm/amd/display/dc/hwss/dcn10/dcn10_hwseq.c, the dce110_edp_backlight_control() function in drivers/gpu/drm/amd/display/dc/hwss/dce110/dce110_hwseq.c, the hubp2_is_flip_pending() function in drivers/gpu/drm/amd/display/dc/hubp/dcn20/dcn20_hubp.c, the hubp1_is_flip_pending() function in drivers/gpu/drm/amd/display/dc/hubp/dcn10/dcn10_hubp.c, and the dce11_pplib_apply_display_requirements() function in drivers/gpu/drm/amd/display/dc/clk_mgr/dce110/dce110_clk_mgr.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

58) NULL pointer dereference

EUVDB-ID: #VU98924

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-49922

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the create_validate_stream_for_sink(), amdgpu_dm_commit_streams() and amdgpu_dm_atomic_commit_tail() functions in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

59) NULL pointer dereference

EUVDB-ID: #VU98950

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-49923

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the dcn21_fast_validate_bw() function in drivers/gpu/drm/amd/display/dc/resource/dcn21/dcn21_resource.c and the dcn20_fast_validate_bw() function in drivers/gpu/drm/amd/display/dc/resource/dcn20/dcn20_resource.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

60) Use-after-free

EUVDB-ID: #VU98871

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-49925

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the efifb_probe(), pm_runtime_put() and efifb_remove() functions in drivers/video/fbdev/efifb.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

61) Out-of-bounds read

EUVDB-ID: #VU98906

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-49933

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the ioc_forgive_debts() function in block/blk-iocost.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

62) Use-after-free

EUVDB-ID: #VU98872

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-49934

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the dump_mapping() function in fs/inode.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

63) NULL pointer dereference

EUVDB-ID: #VU98953

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-49944

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the sctp_listen_start() function in net/sctp/socket.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

64) Use-after-free

EUVDB-ID: #VU98875

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-49945

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ncsi_unregister_dev() function in net/ncsi/ncsi-manage.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

65) Buffer overflow

EUVDB-ID: #VU99151

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-49952

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the nf_dup_ipv6_route() and nf_dup_ipv6() functions in net/ipv6/netfilter/nf_dup_ipv6.c and the nf_dup_ipv4() function in net/ipv4/netfilter/nf_dup_ipv4.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

66) Improper locking

EUVDB-ID: #VU99017

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-49959

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the __releases() function in fs/jbd2/checkpoint.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

67) Input validation error

EUVDB-ID: #VU99226

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-49968

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the ext4_feature_set_ok() function in fs/ext4/super.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

68) Memory leak

EUVDB-ID: #VU98854

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-49975

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the __create_xol_area() function in kernel/events/uprobes.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

69) Improper locking

EUVDB-ID: #VU99015

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-49976

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the stop_kthread() and stop_per_cpu_kthreads() functions in kernel/trace/trace_osnoise.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

70) Use-after-free

EUVDB-ID: #VU98880

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-49983

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ext4_ext_replay_update_ex() function in fs/ext4/extents.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

71) NULL pointer dereference

EUVDB-ID: #VU98946

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-49987

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the show_link_netfilter() function in tools/bpf/bpftool/net.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

72) Double free

EUVDB-ID: #VU99058

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-49989

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a double free error within the link_destruct() function in drivers/gpu/drm/amd/display/dc/link/link_factory.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

73) Input validation error

EUVDB-ID: #VU99218

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-50003

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the dmub_hpd_callback() function in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

74) Input validation error

EUVDB-ID: #VU99040

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-50004

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the build_unoptimized_policy_settings() function in drivers/gpu/drm/amd/display/dc/dml2/dml2_policy.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

75) Improper locking

EUVDB-ID: #VU99011

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-50006

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the ext4_ind_migrate() function in fs/ext4/migrate.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

76) NULL pointer dereference

EUVDB-ID: #VU98923

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-50009

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the amd_pstate_adjust_perf() and amd_pstate_init_prefcore() functions in drivers/cpufreq/amd-pstate.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

77) Incorrect calculation

EUVDB-ID: #VU99186

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-50012

CWE-ID: CWE-682 - Incorrect Calculation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an incorrect calculation within include/linux/cpufreq.h. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.20.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.20.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20244314-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

78) Improper locking

EUVDB-ID: #VU99010

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-50014

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the __ext4_fill_super() function in fs/ext4/super.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo: before 1-150600.1.3.1

kernel-livepatch-6_4_0-150600_10_20-rt: before 1-150600.1.3.1

kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource: before 1-150600.1.3.1

kernel-rt_debug: before 6.4.0-150600.10.20.1

kernel-rt: before 6.4.0-150600.10.20.1

kernel-source-rt: before 6.4.0-150600.10.20.1

kernel-devel-rt: before 6.4.0-150600.10.20.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

gfs2-kmp-rt: before 6.4.0-150600.10.20.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kselftests-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-syms-rt: before 6.4.0-150600.10.20.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-vdso: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-extra: before 6.4.0-150600.10.20.1

kernel-rt-optional: before 6.4.0-150600.10.20.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.20.1

dlm-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.20.1

reiserfs-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt-debugsource: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt: before 6.4.0-150600.10.20.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

kernel-rt_debug-devel: before 6.4.0-150600.10.20.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.20.1

cluster-md-kmp-rt: before 6.4.0-150600.10.20.1

kernel-rt-devel: before 6.4.0-150600.10.20.1

kernel-rt_debug-vdso: