Risk | High |
Patch available | YES |
Number of vulnerabilities | 230 |
CVE-ID | CVE-2021-47594 CVE-2022-48674 CVE-2022-48979 CVE-2022-48982 CVE-2022-48983 CVE-2022-48989 CVE-2022-48990 CVE-2023-52915 CVE-2023-52917 CVE-2023-52918 CVE-2023-52921 CVE-2023-52922 CVE-2024-26782 CVE-2024-26906 CVE-2024-26953 CVE-2024-35888 CVE-2024-35937 CVE-2024-35980 CVE-2024-36484 CVE-2024-36883 CVE-2024-36886 CVE-2024-36905 CVE-2024-36953 CVE-2024-36954 CVE-2024-38577 CVE-2024-38589 CVE-2024-38615 CVE-2024-40997 CVE-2024-41016 CVE-2024-41023 CVE-2024-41049 CVE-2024-42131 CVE-2024-43817 CVE-2024-43897 CVE-2024-44932 CVE-2024-44964 CVE-2024-44995 CVE-2024-46681 CVE-2024-46800 CVE-2024-46802 CVE-2024-46804 CVE-2024-46805 CVE-2024-46807 CVE-2024-46810 CVE-2024-46812 CVE-2024-46819 CVE-2024-46821 CVE-2024-46835 CVE-2024-46842 CVE-2024-46853 CVE-2024-46859 CVE-2024-46864 CVE-2024-46871 CVE-2024-47663 CVE-2024-47665 CVE-2024-47667 CVE-2024-47669 CVE-2024-47670 CVE-2024-47671 CVE-2024-47679 CVE-2024-47682 CVE-2024-47693 CVE-2024-47695 CVE-2024-47696 CVE-2024-47697 CVE-2024-47698 CVE-2024-47699 CVE-2024-47701 CVE-2024-47709 CVE-2024-47712 CVE-2024-47713 CVE-2024-47718 CVE-2024-47723 CVE-2024-47728 CVE-2024-47735 CVE-2024-47737 CVE-2024-47742 CVE-2024-47745 CVE-2024-47749 CVE-2024-47756 CVE-2024-47757 CVE-2024-49850 CVE-2024-49851 CVE-2024-49852 CVE-2024-49855 CVE-2024-49861 CVE-2024-49863 CVE-2024-49868 CVE-2024-49870 CVE-2024-49871 CVE-2024-49875 CVE-2024-49877 CVE-2024-49879 CVE-2024-49884 CVE-2024-49891 CVE-2024-49900 CVE-2024-49902 CVE-2024-49903 CVE-2024-49905 CVE-2024-49907 CVE-2024-49908 CVE-2024-49921 CVE-2024-49924 CVE-2024-49925 CVE-2024-49934 CVE-2024-49935 CVE-2024-49938 CVE-2024-49945 CVE-2024-49947 CVE-2024-49950 CVE-2024-49957 CVE-2024-49963 CVE-2024-49965 CVE-2024-49966 CVE-2024-49968 CVE-2024-49981 CVE-2024-49983 CVE-2024-49985 CVE-2024-49989 CVE-2024-50003 CVE-2024-50007 CVE-2024-50008 CVE-2024-50009 CVE-2024-50013 CVE-2024-50017 CVE-2024-50025 CVE-2024-50026 CVE-2024-50031 CVE-2024-50044 CVE-2024-50062 CVE-2024-50067 CVE-2024-50073 CVE-2024-50074 CVE-2024-50077 CVE-2024-50078 CVE-2024-50082 CVE-2024-50089 CVE-2024-50093 CVE-2024-50095 CVE-2024-50096 CVE-2024-50098 CVE-2024-50099 CVE-2024-50103 CVE-2024-50108 CVE-2024-50110 CVE-2024-50115 CVE-2024-50116 CVE-2024-50117 CVE-2024-50124 CVE-2024-50125 CVE-2024-50127 CVE-2024-50128 CVE-2024-50131 CVE-2024-50134 CVE-2024-50135 CVE-2024-50138 CVE-2024-50141 CVE-2024-50146 CVE-2024-50147 CVE-2024-50148 CVE-2024-50150 CVE-2024-50153 CVE-2024-50154 CVE-2024-50155 CVE-2024-50156 CVE-2024-50160 CVE-2024-50167 CVE-2024-50171 CVE-2024-50179 CVE-2024-50180 CVE-2024-50182 CVE-2024-50183 CVE-2024-50184 CVE-2024-50186 CVE-2024-50187 CVE-2024-50188 CVE-2024-50189 CVE-2024-50192 CVE-2024-50194 CVE-2024-50195 CVE-2024-50196 CVE-2024-50198 CVE-2024-50201 CVE-2024-50205 CVE-2024-50208 CVE-2024-50209 CVE-2024-50215 CVE-2024-50218 CVE-2024-50229 CVE-2024-50230 CVE-2024-50232 CVE-2024-50233 CVE-2024-50234 CVE-2024-50236 CVE-2024-50237 CVE-2024-50249 CVE-2024-50255 CVE-2024-50259 CVE-2024-50261 CVE-2024-50264 CVE-2024-50265 CVE-2024-50267 CVE-2024-50268 CVE-2024-50269 CVE-2024-50271 CVE-2024-50273 CVE-2024-50274 CVE-2024-50279 CVE-2024-50282 CVE-2024-50287 CVE-2024-50289 CVE-2024-50290 CVE-2024-50292 CVE-2024-50295 CVE-2024-50298 CVE-2024-50301 CVE-2024-50302 CVE-2024-53052 CVE-2024-53058 CVE-2024-53059 CVE-2024-53060 CVE-2024-53061 CVE-2024-53063 CVE-2024-53066 CVE-2024-53068 CVE-2024-53079 CVE-2024-53085 CVE-2024-53088 CVE-2024-53104 CVE-2024-53110 |
CWE-ID | CWE-476 CWE-416 CWE-20 CWE-667 CWE-399 CWE-191 CWE-415 CWE-388 CWE-200 CWE-908 CWE-125 CWE-617 CWE-362 CWE-401 CWE-119 CWE-190 CWE-835 CWE-665 CWE-369 CWE-682 CWE-404 CWE-787 |
Exploitation vector | Network |
Public exploit | Vulnerability #229 is being exploited in the wild. |
Vulnerable software |
Public Cloud Module Operating systems & Components / Operating system SUSE Linux Enterprise Server for SAP Applications 15 Operating systems & Components / Operating system SUSE Linux Enterprise Server 15 Operating systems & Components / Operating system SUSE Linux Enterprise High Performance Computing 15 Operating systems & Components / Operating system openSUSE Leap Operating systems & Components / Operating system kernel-source-azure Operating systems & Components / Operating system package or component kernel-devel-azure Operating systems & Components / Operating system package or component kernel-azure-vdso-debuginfo Operating systems & Components / Operating system package or component kernel-azure-vdso Operating systems & Components / Operating system package or component kernel-azure Operating systems & Components / Operating system package or component kselftests-kmp-azure-debuginfo Operating systems & Components / Operating system package or component kernel-azure-extra-debuginfo Operating systems & Components / Operating system package or component kernel-azure-extra Operating systems & Components / Operating system package or component cluster-md-kmp-azure-debuginfo Operating systems & Components / Operating system package or component ocfs2-kmp-azure-debuginfo Operating systems & Components / Operating system package or component kselftests-kmp-azure Operating systems & Components / Operating system package or component ocfs2-kmp-azure Operating systems & Components / Operating system package or component dlm-kmp-azure Operating systems & Components / Operating system package or component gfs2-kmp-azure-debuginfo Operating systems & Components / Operating system package or component kernel-azure-optional Operating systems & Components / Operating system package or component cluster-md-kmp-azure Operating systems & Components / Operating system package or component kernel-azure-debugsource Operating systems & Components / Operating system package or component kernel-azure-debuginfo Operating systems & Components / Operating system package or component dlm-kmp-azure-debuginfo Operating systems & Components / Operating system package or component gfs2-kmp-azure Operating systems & Components / Operating system package or component reiserfs-kmp-azure Operating systems & Components / Operating system package or component reiserfs-kmp-azure-debuginfo Operating systems & Components / Operating system package or component kernel-azure-devel Operating systems & Components / Operating system package or component kernel-azure-optional-debuginfo Operating systems & Components / Operating system package or component kernel-syms-azure Operating systems & Components / Operating system package or component kernel-azure-devel-debuginfo Operating systems & Components / Operating system package or component |
Vendor | SUSE |
Security Bulletin
This security bulletin contains information about 230 vulnerabilities.
EUVDB-ID: #VU92336
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47594
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mptcp_pm_nl_rm_addr_or_subflow() function in net/mptcp/pm_netlink.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90174
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48674
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the fs/erofs/internal.h. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU99216
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48979
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the drivers/gpu/drm/amd/display/dc/dml/display_mode_vba.h. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU98992
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48982
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the hci_register_dev() function in net/bluetooth/hci_core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU99003
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48983
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the io_tctx_exit_cb() function in io_uring/io_uring.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU99138
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48989
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the set_bit() function in fs/fscache/cookie.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU99093
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48990
CWE-ID:
CWE-191 - Integer underflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the amdgpu_job_free_cb() function in drivers/gpu/drm/amd/amdgpu/amdgpu_job.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96934
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52915
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the af9035_i2c_master_xfer() function in drivers/media/usb/dvb-usb-v2/af9035.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU98973
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52917
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ndev_init_debugfs() function in drivers/ntb/hw/intel/ntb_hw_gen1.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU99254
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52918
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the cx23885_video_register() function in drivers/media/pci/cx23885/cx23885-video.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU100617
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52921
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the amdgpu_cs_pass1() function in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU101033
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52922
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the bcm_release() function in net/can/bcm.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90927
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26782
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the mptcp_inet6_sk() and mptcp_sk_clone() functions in net/mptcp/protocol.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92944
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26906
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the copy_from_kernel_nofault_allowed() function in arch/x86/mm/maccess.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91359
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26953
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the esp_req_sg(), esp_ssg_unref(), esp_output_done() and esp6_output_tail() functions in net/ipv6/esp6.c, within the esp_req_sg(), esp_ssg_unref(), esp_output_done() and esp_output_tail() functions in net/ipv4/esp4.c. A local user can gain access to sensitive information.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90873
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-35888
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the ip6erspan_rcv() function in net/ipv6/ip6_gre.c, within the erspan_rcv() function in net/ipv4/ip_gre.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91093
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-35937
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ieee80211_amsdu_subframe_length(), ieee80211_is_valid_amsdu() and ieee80211_amsdu_to_8023s() functions in net/wireless/util.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91667
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-35980
CWE-ID:
CWE-191 - Integer underflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the arch/arm64/include/asm/tlbflush.h. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93039
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-36484
CWE-ID:
CWE-617 - Reachable Assertion
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the __inet_accept() function in net/ipv4/af_inet.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90272
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-36883
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the net_alloc_generic() and register_pernet_operations() functions in net/core/net_namespace.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90049
Risk: High
CVSSv4.0: [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2024-36886
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to a use-after-free error within the tipc_buf_append() function in net/tipc/msg.c when processing fragmented TIPC messages. A remote attacker can send specially crafted packets to the system, trigger a use-after-free error and execute arbitrary code on the system in the context of the kernel.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93375
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-36905
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a race condition within the tcp_send_fin() function in net/ipv4/tcp_output.c, within the tcp_rcv_state_process() function in net/ipv4/tcp_input.c, within the tcp_shutdown() and __tcp_close() functions in net/ipv4/tcp.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93450
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-36953
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the kvm_register_vgic_device() function in arch/arm64/kvm/vgic/vgic-kvm-device.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90431
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-36954
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the tipc_buf_append() function in net/tipc/msg.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92378
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-38577
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the kernel/rcu/tasks.h. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92365
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-38589
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nr_add_node() and nr_del_node() functions in net/netrom/nr_route.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94120
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-38615
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the __cpufreq_offline() and cpufreq_remove_dev() functions in drivers/cpufreq/cpufreq.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94210
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-40997
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the amd_pstate_epp_cpu_exit() function in drivers/cpufreq/amd-pstate.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94837
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-41016
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ocfs2_xattr_find_entry() function in fs/ocfs2/xattr.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94924
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-41023
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the enqueue_task_dl() function in kernel/sched/deadline.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94947
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-41049
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the posix_lock_inode() function in fs/locks.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU95035
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-42131
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the domain_dirty_limits(), node_dirty_limit(), dirty_background_bytes_handler() and dirty_bytes_handler() functions in mm/page-writeback.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96160
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-43817
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the include/linux/virtio_net.h. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96541
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-43897
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the __udp_gso_segment() function in net/ipv4/udp_offload.c, within the tcp_gso_segment() function in net/ipv4/tcp_offload.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96516
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-44932
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the idpf_vport_intr_napi_dis_all() and idpf_vport_intr_rel() functions in drivers/net/ethernet/intel/idpf/idpf_txrx.c, within the idpf_vport_stop(), idpf_vport_open() and idpf_send_map_unmap_queue_vector_msg() functions in drivers/net/ethernet/intel/idpf/idpf_lib.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96831
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-44964
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the idpf_rx_init_buf_tail(), idpf_vport_open(), idpf_init_task(), idpf_initiate_soft_reset() and idpf_open() functions in drivers/net/ethernet/intel/idpf/idpf_lib.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96855
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-44995
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the hns3_reset_notify_uninit_enet() function in drivers/net/ethernet/hisilicon/hns3/hns3_enet.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97278
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46681
CWE-ID:
CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the pktgen_thread_worker() and pg_net_init() functions in net/core/pktgen.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97501
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46800
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the qdisc_enqueue() function in net/sched/sch_netem.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97838
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46802
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the resource_build_bit_depth_reduction_params() function in drivers/gpu/drm/amd/display/dc/core/dc_resource.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97827
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46804
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the read() and write() functions in drivers/gpu/drm/amd/display/modules/hdcp/hdcp_ddc.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97793
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46805
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the psp_xgmi_reflect_topology_info() function in drivers/gpu/drm/amd/amdgpu/amdgpu_psp.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97794
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46807
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the amdgpu_device_recover_vram() function in drivers/gpu/drm/amd/amdgpu/amdgpu_device.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97796
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46810
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the tc_irq_handler() function in drivers/gpu/drm/bridge/tc358767.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97845
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46812
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ModeSupportAndSystemConfiguration() function in drivers/gpu/drm/amd/display/dc/dml/display_mode_vba.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97797
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46819
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nbio_v7_4_handle_ras_controller_intr_no_bifring() function in drivers/gpu/drm/amd/amdgpu/nbio_v7_4.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97841
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46821
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the navi10_get_current_clk_freq_by_table(), navi10_emit_clk_levels(), navi10_print_clk_levels() and navi10_force_clk_levels() functions in drivers/gpu/drm/amd/pm/swsmu/smu11/navi10_ppt.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97831
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46835
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the gfx_v11_0_hw_init() function in drivers/gpu/drm/amd/amdgpu/gfx_v11_0.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97779
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46842
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the lpfc_get_sfp_info_wait() function in drivers/scsi/lpfc/lpfc_els.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97782
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46853
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nxp_fspi_fill_txfifo() function in drivers/spi/spi-nxp-fspi.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97791
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46859
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the DEVICE_ATTR_RW(), acpi_pcc_hotkey_resume() and acpi_pcc_hotkey_add() functions in drivers/platform/x86/panasonic-laptop.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97825
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46864
CWE-ID:
CWE-665 - Improper Initialization
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper initialization within the hv_machine_shutdown() function in arch/x86/kernel/cpu/mshyperv.c, within the EXPORT_SYMBOL_GPL(), register_syscore_ops() and wrmsrl() functions in arch/x86/hyperv/hv_init.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU98381
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46871
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.h. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU98372
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-47663
CWE-ID:
CWE-369 - Divide By Zero
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the ad9834_write_frequency() function in drivers/staging/iio/frequency/ad9834.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU98379
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-47665
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the hci_dma_init() function in drivers/i3c/master/mipi-i3c-hci/dma.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU98380
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-47667
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the RTL GENMASK(), to_keystone_pcie(), ks_pcie_start_link() and ks_pcie_quirk() functions in drivers/pci/controller/dwc/pci-keystone.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU98367
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-47669
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nilfs_segctor_abort_construction() and nilfs_segctor_do_construct() functions in fs/nilfs2/segment.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU98365
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-47670
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ocfs2_listxattr(), ocfs2_xattr_find_entry(), ocfs2_xattr_ibody_get(), ocfs2_xattr_ibody_find() and ocfs2_xattr_block_find() functions in fs/ocfs2/xattr.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU98377
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-47671
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the usbtmc_create_urb() function in drivers/usb/class/usbtmc.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU99031
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-47679
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the spin_lock() function in fs/inode.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU98916
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-47682
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the sd_read_block_characteristics() function in drivers/scsi/sd.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU99176
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-47693
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the ib_cache_setup_one() function in drivers/infiniband/core/cache.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU98921
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-47695
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the init_conns() function in drivers/infiniband/ulp/rtrs/rtrs-clt.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU98899
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-47696
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the iw_cm_init() function in drivers/infiniband/core/iwcm.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU98920
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-47697
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the rtl2830_pid_filter() function in drivers/media/dvb-frontends/rtl2830.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU98919
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-47698
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the rtl2832_pid_filter() function in drivers/media/dvb-frontends/rtl2832.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU98985
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-47699
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nilfs_btree_root_broken() function in fs/nilfs2/btree.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU98898
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-47701
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ext4_find_inline_entry() function in fs/ext4/inline.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU99177
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-47709
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the bcm_notify() function in net/can/bcm.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU98895
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-47712
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the wilc_parse_join_bss_param() function in drivers/net/wireless/microchip/wilc1000/hif.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU99032
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-47713
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ieee80211_do_stop() function in net/mac80211/iface.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU98894
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-47718
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the rtw_wait_firmware_completion() function in drivers/net/wireless/realtek/rtw88/main.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU98915
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-47723
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the diAlloc() function in fs/jfs/jfs_imap.c, within the dbMount() and dbNextAG() functions in fs/jfs/jfs_dmap.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU98856
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-47728
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the BPF_CALL_5() function in net/core/filter.c, within the BPF_CALL_4() function in kernel/bpf/syscall.c, within the BPF_CALL_4() function in kernel/bpf/helpers.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU99025
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-47735
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the hns_roce_lock_cqs() and hns_roce_unlock_cqs() functions in drivers/infiniband/hw/hns/hns_roce_qp.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU99078
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-47737
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the idmap_id_to_name() function in fs/nfsd/nfs4idmap.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU99188
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-47742
CWE-ID:
CWE-682 - Incorrect Calculation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the fw_abort_batch_reqs() and _request_firmware() functions in drivers/base/firmware_loader/main.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU99229
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-47745
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the SYSCALL_DEFINE5() function in mm/mmap.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU98971
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-47749
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the act_establish() and act_open_rpl() functions in drivers/infiniband/hw/cxgb4/cm.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU98976
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-47756
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ks_pcie_quirk() function in drivers/pci/controller/dwc/pci-keystone.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU98913
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-47757
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the nilfs_btree_check_delete() function in fs/nilfs2/btree.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU98974
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-49850
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the bpf_core_apply() function in kernel/bpf/btf.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU98860
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-49851
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the tpm2_flush_space() function in drivers/char/tpm/tpm2-space.c, within the tpm_dev_transmit() function in drivers/char/tpm/tpm-dev-common.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU98891
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-49852
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the efc_nport_vport_del() function in drivers/scsi/elx/libefc/efc_nport.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU98893
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-49855
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nbd_requeue_cmd() and nbd_xmit_timeout() functions in drivers/block/nbd.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU99086
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-49861
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the sizeof() function in net/core/filter.c, within the sizeof() function in kernel/trace/bpf_trace.c, within the arg_type_is_dynptr() function in kernel/bpf/verifier.c, within the sizeof() function in kernel/bpf/syscall.c, within the sizeof() function in kernel/bpf/helpers.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU98970
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-49863
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the vhost_scsi_get_req() function in drivers/vhost/scsi.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU98969
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-49868
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the btrfs_update_reloc_root() function in fs/btrfs/relocation.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU98851
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-49870
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the cachefiles_open_file(), fput() and cachefiles_look_up_object() functions in fs/cachefiles/namei.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU98968
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-49871
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the adp5589_keypad_add() and adp5589_probe() functions in drivers/input/keyboard/adp5589-keys.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU99020
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-49875
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the fs/nfsd/vfs.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU98966
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-49877
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the fs/ocfs2/buffer_head_io.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU98965
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-49879
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the omapdrm_init() and omap_gem_deinit() functions in drivers/gpu/drm/omapdrm/omap_drv.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU98867
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-49884
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ext4_split_extent_at() and ext4_ext_dirty() functions in fs/ext4/extents.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU98963
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-49891
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the lpfc_sli_flush_io_rings() function in drivers/scsi/lpfc/lpfc_sli.c, within the lpfc_abort_handler() function in drivers/scsi/lpfc/lpfc_scsi.c, within the lpfc_dev_loss_tmo_callbk() function in drivers/scsi/lpfc/lpfc_hbadisc.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU99084
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-49900
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the ea_get() function in fs/jfs/xattr.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU98910
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-49902
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the dbAdjTree() and dbFindLeaf() functions in fs/jfs/jfs_dmap.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU98869
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-49903
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the jfs_issue_discard() and jfs_ioc_trim() functions in fs/jfs/jfs_discard.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU98958
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-49905
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the handle_cursor_update() function in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_plane.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU98925
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-49907
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dc_allow_idle_optimizations() function in drivers/gpu/drm/amd/display/dc/core/dc.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1
kernel-devel-azure: before 5.14.21-150500.33.75.1
kernel-azure-vdso-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-vdso: before 5.14.21-150500.33.75.1
kernel-azure: before 5.14.21-150500.33.75.1
kselftests-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-extra: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kselftests-kmp-azure: before 5.14.21-150500.33.75.1
ocfs2-kmp-azure: before 5.14.21-150500.33.75.1
dlm-kmp-azure: before 5.14.21-150500.33.75.1
gfs2-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-optional: before 5.14.21-150500.33.75.1
cluster-md-kmp-azure: before 5.14.21-150500.33.75.1
kernel-azure-debugsource: before 5.14.21-150500.33.75.1
kernel-azure-debuginfo: before 5.14.21-150500.33.75.1
dlm-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
gfs2-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure: before 5.14.21-150500.33.75.1
reiserfs-kmp-azure-debuginfo: before 5.14.21-150500.33.75.1
kernel-azure-devel: before 5.14.21-150500.33.75.1
kernel-azure-optional-debuginfo: before 5.14.21-150500.33.75.1
kernel-syms-azure: before 5.14.21-150500.33.75.1
kernel-azure-devel-debuginfo: before 5.14.21-150500.33.75.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20244376-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU98939
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-49908
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the amdgpu_dm_update_cursor() function in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsPublic Cloud Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-source-azure: before 5.14.21-150500.33.75.1