SUSE SLED15 / SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:2802-1)

high Nessus Plugin ID 205163

Language:

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2802-1 advisory.

The SUSE Linux Enterprise 15 SP6 kernel was updated to receive various security bugfixes.


The following security bugs were fixed:

- CVE-2023-47210: wifi: iwlwifi: bump FW API to 90 for BZ/SC devices (bsc#1225601, bsc#1225600).
- CVE-2023-52435: net: prevent mss overflow in skb_segment() (bsc#1220138).
- CVE-2023-52751: smb: client: fix use-after-free in smb2_query_info_compound() (bsc#1225489).
- CVE-2023-52775: net/smc: avoid data corruption caused by decline (bsc#1225088).
- CVE-2024-26615: net/smc: fix illegal rmb_desc access in SMC-D connection dump (bsc#1220942).
- CVE-2024-26623: pds_core: Prevent race issues involving the adminq (bsc#1221057).
- CVE-2024-26633: ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim() (bsc#1221647).
- CVE-2024-26635: llc: Drop support for ETH_P_TR_802_2 (bsc#1221656).
- CVE-2024-26636: llc: make llc_ui_sendmsg() more robust against bonding changes (bsc#1221659).
- CVE-2024-26641: ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv() (bsc#1221654).
- CVE-2024-26663: tipc: Check the bearer type before calling tipc_udp_nl_bearer_add() (bsc#1222326).
- CVE-2024-26665: tunnels: fix out of bounds access when building IPv6 PMTU error (bsc#1222328).
- CVE-2024-26691: KVM: arm64: Fix circular locking dependency (bsc#1222463).
- CVE-2024-26734: devlink: fix possible use-after-free and memory leaks in devlink_init() (bsc#1222438).
- CVE-2024-26785: iommufd: Fix protection fault in iommufd_test_syz_conv_iova (bsc#1222779).
- CVE-2024-26826: mptcp: fix data re-injection from stale subflow (bsc#1223010).
- CVE-2024-26863: hsr: Fix uninit-value access in hsr_get_node() (bsc#1223021).
- CVE-2024-26944: btrfs: zoned: fix lock ordering in btrfs_zone_activate() (bsc#1223731).
- CVE-2024-27012: netfilter: nf_tables: restore set elements when delete set fails (bsc#1223804).
- CVE-2024-27015: netfilter: flowtable: incorrect pppoe tuple (bsc#1223806).
- CVE-2024-27016: netfilter: flowtable: validate pppoe header (bsc#1223807).
- CVE-2024-27019: netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get() (bsc#1223813)
- CVE-2024-27020: netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() (bsc#1223815)
- CVE-2024-27025: nbd: null check for nla_nest_start (bsc#1223778)
- CVE-2024-27064: netfilter: nf_tables: Fix a memory leak in nf_tables_updchain (bsc#1223740).
- CVE-2024-27065: netfilter: nf_tables: do not compare internal table flags on updates (bsc#1223836).
- CVE-2024-27402: phonet/pep: fix racy skb_queue_empty() use (bsc#1224414).
- CVE-2024-27404: mptcp: fix data races on remote_id (bsc#1224422)
- CVE-2024-35805: dm snapshot: fix lockup in dm_exception_table_exit (bsc#1224743).
- CVE-2024-35853: mlxsw: spectrum_acl_tcam: Fix memory leak during rehash (bsc#1224604).
- CVE-2024-35854: Fixed possible use-after-free during rehash (bsc#1224636).
- CVE-2024-35890: gro: fix ownership transfer (bsc#1224516).
- CVE-2024-35893: net/sched: act_skbmod: prevent kernel-infoleak (bsc#1224512)
- CVE-2024-35899: netfilter: nf_tables: flush pending destroy work before exit_net release (bsc#1224499)
- CVE-2024-35908: tls: get psock ref after taking rxlock to avoid leak (bsc#1224490)
- CVE-2024-35934: net/smc: reduce rtnl pressure in smc_pnet_create_pnetids_list() (bsc#1224641)
- CVE-2024-35942: pmdomain: imx8mp-blk-ctrl: imx8mp_blk: Add fdcc clock to hdmimix domain (bsc#1224589).
- CVE-2024-36003: ice: fix LAG and VF lock dependency in ice_reset_vf() (bsc#1224544).
- CVE-2024-36004: i40e: Do not use WQ_MEM_RECLAIM flag for workqueue (bsc#1224545)
- CVE-2024-36901: ipv6: prevent NULL dereference in ip6_output() (bsc#1225711)
- CVE-2024-36902: ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action() (bsc#1225719).
- CVE-2024-36909: Drivers: hv: vmbus: Do not free ring buffers that couldn't be re-encrypted (bsc#1225744).
- CVE-2024-36910: uio_hv_generic: Do not free decrypted memory (bsc#1225717).
- CVE-2024-36911: hv_netvsc: Do not free decrypted memory (bsc#1225745).
- CVE-2024-36912: Drivers: hv: vmbus: Track decrypted status in vmbus_gpadl (bsc#1225752).
- CVE-2024-36913: Drivers: hv: vmbus: Leak pages if set_memory_encrypted() fails (bsc#1225753).
- CVE-2024-36914: drm/amd/display: Skip on writeback when it's not applicable (bsc#1225757).
- CVE-2024-36946: phonet: fix rtm_phonet_notify() skb allocation (bsc#1225851).
- CVE-2024-36974: net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP (bsc#1226519).
- CVE-2024-38558: net: openvswitch: fix overwriting ct original tuple for ICMPv6 (bsc#1226783).
- CVE-2024-38586: r8169: Fix possible ring buffer corruption on fragmented Tx packets (bsc#1226750).
- CVE-2024-38598: md: fix resync softlockup when bitmap size is less than array size (bsc#1226757).
- CVE-2024-38604: block: refine the EOF check in blkdev_iomap_begin (bsc#1226866).
- CVE-2024-38659: enic: Validate length of nl attributes in enic_set_vf_port (bsc#1226883).
- CVE-2024-39276: ext4: fix mb_cache_entry's e_refcnt leak in ext4_xattr_block_cache_find() (bsc#1226993).
- CVE-2024-39468: smb: client: fix deadlock in smb2_find_smb_tcon() (bsc#1227103.
- CVE-2024-39472: xfs: fix log recovery buffer allocation for the legacy h_size fixup (bsc#1227432).
- CVE-2024-39474: mm/vmalloc: fix vmalloc which may return null if called with __GFP_NOFAIL (bsc#1227434).
- CVE-2024-39482: bcache: fix variable length array abuse in btree_iter (bsc#1227447).
- CVE-2024-39487: bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() (bsc#1227573)
- CVE-2024-39490: ipv6: sr: fix missing sk_buff release in seg6_input_core (bsc#1227626).
- CVE-2024-39494: ima: Fix use-after-free on a dentry's dname.name (bsc#1227716).
- CVE-2024-39496: btrfs: zoned: fix use-after-free due to race with dev replace (bsc#1227719).
- CVE-2024-39498: drm/mst: Fix NULL pointer dereference at drm_dp_add_payload_part2 (bsc#1227723)
- CVE-2024-39502: ionic: fix use after netif_napi_del() (bsc#1227755).
- CVE-2024-39504: netfilter: nft_inner: validate mandatory meta and payload (bsc#1227757).
- CVE-2024-39507: net: hns3: fix kernel crash problem in concurrent scenario (bsc#1227730).
- CVE-2024-40901: scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory (bsc#1227762).
- CVE-2024-40906: net/mlx5: Always stop health timer during driver removal (bsc#1227763).
- CVE-2024-40908: bpf: Set run context for rawtp test_run callback (bsc#1227783).
- CVE-2024-40919: bnxt_en: Adjust logging of firmware messages in case of released token in __hwrm_send() (bsc#1227779).
- CVE-2024-40923: vmxnet3: disable rx data ring on dma allocation failure (bsc#1227786).
- CVE-2024-40925: block: fix request.queuelist usage in flush (bsc#1227789).
- CVE-2024-40928: net: ethtool: fix the error condition in ethtool_get_phy_stats_ethtool() (bsc#1227788).
- CVE-2024-40931: mptcp: ensure snd_una is properly initialized on connect (bsc#1227780).
- CVE-2024-40935: cachefiles: flush all requests after setting CACHEFILES_DEAD (bsc#1227797).
- CVE-2024-40937: gve: Clear napi->skb before dev_kfree_skb_any() (bsc#1227836).
- CVE-2024-40940: net/mlx5: Fix tainted pointer delete is case of flow rules creation fail (bsc#1227800).
- CVE-2024-40947: ima: Avoid blocking in RCU read-side critical section (bsc#1227803).
- CVE-2024-40948: mm/page_table_check: fix crash on ZONE_DEVICE (bsc#1227801).
- CVE-2024-40953: KVM: Fix a data race on last_boosted_vcpu in kvm_vcpu_on_spin() (bsc#1227806).
- CVE-2024-40960: ipv6: prevent possible NULL dereference in rt6_probe() (bsc#1227813).
- CVE-2024-40961: ipv6: prevent possible NULL deref in fib6_nh_init() (bsc#1227814).
- CVE-2024-40966: kABI: tty: add the option to have a tty reject a new ldisc (bsc#1227886).
- CVE-2024-40970: Avoid hw_desc array overrun in dw-axi-dmac (bsc#1227899).
- CVE-2024-40972: ext4: fold quota accounting into ext4_xattr_inode_lookup_create() (bsc#1227910).
- CVE-2024-40975: platform/x86: x86-android-tablets: Unregister devices in reverse order (bsc#1227926).
- CVE-2024-40998: ext4: fix uninitialized ratelimit_state->lock access in __ext4_fill_super() (bsc#1227866).
- CVE-2024-40999: net: ena: Add validation for completion descriptors consistency (bsc#1227913).
- CVE-2024-41006: netrom: Fix a memory leak in nr_heartbeat_expiry() (bsc#1227862).
- CVE-2024-41013: xfs: do not walk off the end of a directory data block (bsc#1228405).
- CVE-2024-41014: xfs: add bounds checking to xlog_recover_process_data (bsc#1228408).
- CVE-2024-41017: jfs: do not walk off the end of ealist (bsc#1228403).
- CVE-2024-41090: tap: add missing verification for short frame (bsc#1228328).
- CVE-2024-41091: tun: add missing verification for short frame (bsc#1228327).


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://bugzilla.suse.com/1222326

https://bugzilla.suse.com/1222328

https://bugzilla.suse.com/1222438

https://bugzilla.suse.com/1222463

https://bugzilla.suse.com/1222768

https://bugzilla.suse.com/1222775

https://bugzilla.suse.com/1222779

https://bugzilla.suse.com/1222893

https://bugzilla.suse.com/1223010

https://bugzilla.suse.com/1223021

https://bugzilla.suse.com/1223570

https://bugzilla.suse.com/1225856

https://bugzilla.suse.com/1225894

https://bugzilla.suse.com/1225895

https://bugzilla.suse.com/1225896

https://bugzilla.suse.com/1226202

https://bugzilla.suse.com/1226213

https://bugzilla.suse.com/1226502

https://bugzilla.suse.com/1226519

https://bugzilla.suse.com/1226750

https://bugzilla.suse.com/1226757

https://bugzilla.suse.com/1226783

https://bugzilla.suse.com/1226866

https://bugzilla.suse.com/1226883

https://bugzilla.suse.com/1226915

https://bugzilla.suse.com/1226993

https://bugzilla.suse.com/1227103

https://bugzilla.suse.com/1227149

https://bugzilla.suse.com/1227282

https://bugzilla.suse.com/1227362

https://bugzilla.suse.com/1227363

https://bugzilla.suse.com/1227383

https://bugzilla.suse.com/1227432

https://bugzilla.suse.com/1227433

https://bugzilla.suse.com/1227434

https://bugzilla.suse.com/1227435

https://bugzilla.suse.com/1227443

https://bugzilla.suse.com/1227446

https://bugzilla.suse.com/1227447

https://bugzilla.suse.com/1227779

https://bugzilla.suse.com/1227780

https://bugzilla.suse.com/1227783

https://bugzilla.suse.com/1227786

https://bugzilla.suse.com/1227788

https://bugzilla.suse.com/1227789

https://bugzilla.suse.com/1227797

https://bugzilla.suse.com/1227800

https://bugzilla.suse.com/1227801

https://bugzilla.suse.com/1227803

https://bugzilla.suse.com/1227806

https://bugzilla.suse.com/1228328

https://bugzilla.suse.com/1228403

https://bugzilla.suse.com/1228405

https://bugzilla.suse.com/1228408

https://bugzilla.suse.com/1228417

http://www.nessus.org/u?1ac05c5f

https://www.suse.com/security/cve/CVE-2023-38417

https://www.suse.com/security/cve/CVE-2023-47210

https://www.suse.com/security/cve/CVE-2023-51780

https://www.suse.com/security/cve/CVE-2023-52435

https://www.suse.com/security/cve/CVE-2024-35890

https://www.suse.com/security/cve/CVE-2024-35893

https://www.suse.com/security/cve/CVE-2024-35899

https://www.suse.com/security/cve/CVE-2024-35908

https://www.suse.com/security/cve/CVE-2024-35934

https://www.suse.com/security/cve/CVE-2024-35942

https://www.suse.com/security/cve/CVE-2024-36003

https://www.suse.com/security/cve/CVE-2024-36004

https://www.suse.com/security/cve/CVE-2024-36889

https://www.suse.com/security/cve/CVE-2024-36901

https://www.suse.com/security/cve/CVE-2024-36902

https://www.suse.com/security/cve/CVE-2024-36909

https://www.suse.com/security/cve/CVE-2024-36910

https://www.suse.com/security/cve/CVE-2024-36911

https://www.suse.com/security/cve/CVE-2024-36912

https://www.suse.com/security/cve/CVE-2024-36913

https://www.suse.com/security/cve/CVE-2024-36914

https://www.suse.com/security/cve/CVE-2024-36922

https://www.suse.com/security/cve/CVE-2024-38586

https://www.suse.com/security/cve/CVE-2024-38598

https://www.suse.com/security/cve/CVE-2024-38604

https://www.suse.com/security/cve/CVE-2024-38659

https://www.suse.com/security/cve/CVE-2024-39276

https://www.suse.com/security/cve/CVE-2024-39468

https://www.suse.com/security/cve/CVE-2024-39472

https://bugzilla.suse.com/1194869

https://bugzilla.suse.com/1215199

https://bugzilla.suse.com/1215587

https://bugzilla.suse.com/1218442

https://bugzilla.suse.com/1218730

https://bugzilla.suse.com/1218820

https://bugzilla.suse.com/1219832

https://bugzilla.suse.com/1220138

https://bugzilla.suse.com/1220427

https://bugzilla.suse.com/1220430

https://bugzilla.suse.com/1220942

https://bugzilla.suse.com/1221057

https://bugzilla.suse.com/1221647

https://bugzilla.suse.com/1221654

https://bugzilla.suse.com/1221656

https://bugzilla.suse.com/1221659

https://bugzilla.suse.com/1223731

https://bugzilla.suse.com/1223740

https://bugzilla.suse.com/1223778

https://bugzilla.suse.com/1223804

https://bugzilla.suse.com/1223806

https://bugzilla.suse.com/1223807

https://bugzilla.suse.com/1223813

https://bugzilla.suse.com/1223815

https://bugzilla.suse.com/1223836

https://bugzilla.suse.com/1223863

https://bugzilla.suse.com/1224414

https://bugzilla.suse.com/1224422

https://bugzilla.suse.com/1224490

https://bugzilla.suse.com/1224499

https://bugzilla.suse.com/1224512

https://bugzilla.suse.com/1224516

https://bugzilla.suse.com/1224544

https://bugzilla.suse.com/1224545

https://bugzilla.suse.com/1224589

https://bugzilla.suse.com/1224604

https://bugzilla.suse.com/1224636

https://bugzilla.suse.com/1224641

https://bugzilla.suse.com/1224743

https://bugzilla.suse.com/1224767

https://bugzilla.suse.com/1225088

https://bugzilla.suse.com/1225172

https://bugzilla.suse.com/1225272

https://bugzilla.suse.com/1225489

https://bugzilla.suse.com/1225600

https://bugzilla.suse.com/1225601

https://bugzilla.suse.com/1225711

https://bugzilla.suse.com/1225717

https://bugzilla.suse.com/1225719

https://bugzilla.suse.com/1225744

https://bugzilla.suse.com/1225745

https://bugzilla.suse.com/1225746

https://bugzilla.suse.com/1225752

https://bugzilla.suse.com/1225753

https://bugzilla.suse.com/1225757

https://bugzilla.suse.com/1225805

https://bugzilla.suse.com/1225810

https://bugzilla.suse.com/1225830

https://bugzilla.suse.com/1225835

https://bugzilla.suse.com/1225839

https://bugzilla.suse.com/1225840

https://bugzilla.suse.com/1225843

https://bugzilla.suse.com/1225847

https://bugzilla.suse.com/1225851

https://bugzilla.suse.com/1227487

https://bugzilla.suse.com/1227573

https://bugzilla.suse.com/1227626

https://bugzilla.suse.com/1227716

https://bugzilla.suse.com/1227719

https://bugzilla.suse.com/1227723

https://bugzilla.suse.com/1227730

https://bugzilla.suse.com/1227736

https://bugzilla.suse.com/1227755

https://bugzilla.suse.com/1227757

https://bugzilla.suse.com/1227762

https://bugzilla.suse.com/1227763

https://bugzilla.suse.com/1227813

https://bugzilla.suse.com/1227814

https://bugzilla.suse.com/1227836

https://bugzilla.suse.com/1227855

https://bugzilla.suse.com/1227862

https://bugzilla.suse.com/1227866

https://bugzilla.suse.com/1227886

https://bugzilla.suse.com/1227899

https://bugzilla.suse.com/1227910

https://bugzilla.suse.com/1227913

https://bugzilla.suse.com/1227926

https://bugzilla.suse.com/1228090

https://bugzilla.suse.com/1228192

https://bugzilla.suse.com/1228193

https://bugzilla.suse.com/1228211

https://bugzilla.suse.com/1228269

https://bugzilla.suse.com/1228289

https://bugzilla.suse.com/1228327

https://www.suse.com/security/cve/CVE-2023-52472

https://www.suse.com/security/cve/CVE-2023-52751

https://www.suse.com/security/cve/CVE-2023-52775

https://www.suse.com/security/cve/CVE-2024-25741

https://www.suse.com/security/cve/CVE-2024-26615

https://www.suse.com/security/cve/CVE-2024-26623

https://www.suse.com/security/cve/CVE-2024-26633

https://www.suse.com/security/cve/CVE-2024-26635

https://www.suse.com/security/cve/CVE-2024-26636

https://www.suse.com/security/cve/CVE-2024-26641

https://www.suse.com/security/cve/CVE-2024-26663

https://www.suse.com/security/cve/CVE-2024-26665

https://www.suse.com/security/cve/CVE-2024-26691

https://www.suse.com/security/cve/CVE-2024-26734

https://www.suse.com/security/cve/CVE-2024-26785

https://www.suse.com/security/cve/CVE-2024-26826

https://www.suse.com/security/cve/CVE-2024-26863

https://www.suse.com/security/cve/CVE-2024-26944

https://www.suse.com/security/cve/CVE-2024-27012

https://www.suse.com/security/cve/CVE-2024-27015

https://www.suse.com/security/cve/CVE-2024-27016

https://www.suse.com/security/cve/CVE-2024-27019

https://www.suse.com/security/cve/CVE-2024-27020

https://www.suse.com/security/cve/CVE-2024-27025

https://www.suse.com/security/cve/CVE-2024-27064

https://www.suse.com/security/cve/CVE-2024-27065

https://www.suse.com/security/cve/CVE-2024-27402

https://www.suse.com/security/cve/CVE-2024-27404

https://www.suse.com/security/cve/CVE-2024-35805

https://www.suse.com/security/cve/CVE-2024-35853

https://www.suse.com/security/cve/CVE-2024-35854

https://www.suse.com/security/cve/CVE-2024-36930

https://www.suse.com/security/cve/CVE-2024-36940

https://www.suse.com/security/cve/CVE-2024-36941

https://www.suse.com/security/cve/CVE-2024-36942

https://www.suse.com/security/cve/CVE-2024-36944

https://www.suse.com/security/cve/CVE-2024-36946

https://www.suse.com/security/cve/CVE-2024-36947

https://www.suse.com/security/cve/CVE-2024-36949

https://www.suse.com/security/cve/CVE-2024-36950

https://www.suse.com/security/cve/CVE-2024-39473

https://www.suse.com/security/cve/CVE-2024-36951

https://www.suse.com/security/cve/CVE-2024-36955

https://www.suse.com/security/cve/CVE-2024-36959

https://www.suse.com/security/cve/CVE-2024-36974

https://www.suse.com/security/cve/CVE-2024-38558

https://www.suse.com/security/cve/CVE-2024-39474

https://www.suse.com/security/cve/CVE-2024-39475

https://www.suse.com/security/cve/CVE-2024-39479

https://www.suse.com/security/cve/CVE-2024-39481

https://www.suse.com/security/cve/CVE-2024-39482

https://www.suse.com/security/cve/CVE-2024-39487

https://www.suse.com/security/cve/CVE-2024-39490

https://www.suse.com/security/cve/CVE-2024-39494

https://www.suse.com/security/cve/CVE-2024-39496

https://www.suse.com/security/cve/CVE-2024-39498

https://www.suse.com/security/cve/CVE-2024-39502

https://www.suse.com/security/cve/CVE-2024-39504

https://www.suse.com/security/cve/CVE-2024-39507

https://www.suse.com/security/cve/CVE-2024-40901

https://www.suse.com/security/cve/CVE-2024-40906

https://www.suse.com/security/cve/CVE-2024-40908

https://www.suse.com/security/cve/CVE-2024-40919

https://www.suse.com/security/cve/CVE-2024-40923

https://www.suse.com/security/cve/CVE-2024-40925

https://www.suse.com/security/cve/CVE-2024-40928

https://www.suse.com/security/cve/CVE-2024-40931

https://www.suse.com/security/cve/CVE-2024-40935

https://www.suse.com/security/cve/CVE-2024-40937

https://www.suse.com/security/cve/CVE-2024-40940

https://www.suse.com/security/cve/CVE-2024-40947

https://www.suse.com/security/cve/CVE-2024-40948

https://www.suse.com/security/cve/CVE-2024-40953

https://www.suse.com/security/cve/CVE-2024-40960

https://www.suse.com/security/cve/CVE-2024-40961

https://www.suse.com/security/cve/CVE-2024-40966

https://www.suse.com/security/cve/CVE-2024-40970

https://www.suse.com/security/cve/CVE-2024-40972

https://www.suse.com/security/cve/CVE-2024-40975

https://www.suse.com/security/cve/CVE-2024-40979

https://www.suse.com/security/cve/CVE-2024-40998

https://www.suse.com/security/cve/CVE-2024-40999

https://www.suse.com/security/cve/CVE-2024-41006

https://www.suse.com/security/cve/CVE-2024-41011

https://www.suse.com/security/cve/CVE-2024-41013

https://www.suse.com/security/cve/CVE-2024-41014

https://www.suse.com/security/cve/CVE-2024-41017

https://www.suse.com/security/cve/CVE-2024-41090

https://www.suse.com/security/cve/CVE-2024-41091

Plugin Details

Severity: High

ID: 205163

File Name: suse_SU-2024-2802-1.nasl

Version: 1.4

Type: local

Agent: unix

Published: 8/8/2024

Updated: 9/9/2024

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.3

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2024-41011

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:kernel-macros, p-cpe:/a:novell:suse_linux:kernel-zfcpdump, p-cpe:/a:novell:suse_linux:kernel-64kb-devel, p-cpe:/a:novell:suse_linux:ocfs2-kmp-default, p-cpe:/a:novell:suse_linux:dlm-kmp-default, p-cpe:/a:novell:suse_linux:kernel-default-base, p-cpe:/a:novell:suse_linux:kernel-default-livepatch, p-cpe:/a:novell:suse_linux:kernel-default-devel, p-cpe:/a:novell:suse_linux:kernel-devel, p-cpe:/a:novell:suse_linux:gfs2-kmp-default, p-cpe:/a:novell:suse_linux:kernel-syms, p-cpe:/a:novell:suse_linux:kernel-default-extra, cpe:/o:novell:suse_linux:15, p-cpe:/a:novell:suse_linux:kernel-livepatch-6_4_0-150600_23_17-default, p-cpe:/a:novell:suse_linux:reiserfs-kmp-default, p-cpe:/a:novell:suse_linux:kernel-default-livepatch-devel, p-cpe:/a:novell:suse_linux:cluster-md-kmp-default, p-cpe:/a:novell:suse_linux:kernel-obs-build, p-cpe:/a:novell:suse_linux:kernel-default, p-cpe:/a:novell:suse_linux:kernel-source, p-cpe:/a:novell:suse_linux:kernel-64kb

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 8/7/2024

Vulnerability Publication Date: 12/25/2023

Reference Information

CVE: CVE-2023-38417, CVE-2023-47210, CVE-2023-51780, CVE-2023-52435, CVE-2023-52472, CVE-2023-52751, CVE-2023-52775, CVE-2024-25741, CVE-2024-26615, CVE-2024-26623, CVE-2024-26633, CVE-2024-26635, CVE-2024-26636, CVE-2024-26641, CVE-2024-26663, CVE-2024-26665, CVE-2024-26691, CVE-2024-26734, CVE-2024-26785, CVE-2024-26826, CVE-2024-26863, CVE-2024-26944, CVE-2024-27012, CVE-2024-27015, CVE-2024-27016, CVE-2024-27019, CVE-2024-27020, CVE-2024-27025, CVE-2024-27064, CVE-2024-27065, CVE-2024-27402, CVE-2024-27404, CVE-2024-35805, CVE-2024-35853, CVE-2024-35854, CVE-2024-35890, CVE-2024-35893, CVE-2024-35899, CVE-2024-35908, CVE-2024-35934, CVE-2024-35942, CVE-2024-36003, CVE-2024-36004, CVE-2024-36889, CVE-2024-36901, CVE-2024-36902, CVE-2024-36909, CVE-2024-36910, CVE-2024-36911, CVE-2024-36912, CVE-2024-36913, CVE-2024-36914, CVE-2024-36922, CVE-2024-36930, CVE-2024-36940, CVE-2024-36941, CVE-2024-36942, CVE-2024-36944, CVE-2024-36946, CVE-2024-36947, CVE-2024-36949, CVE-2024-36950, CVE-2024-36951, CVE-2024-36955, CVE-2024-36959, CVE-2024-36974, CVE-2024-38558, CVE-2024-38586, CVE-2024-38598, CVE-2024-38604, CVE-2024-38659, CVE-2024-39276, CVE-2024-39468, CVE-2024-39472, CVE-2024-39473, CVE-2024-39474, CVE-2024-39475, CVE-2024-39479, CVE-2024-39481, CVE-2024-39482, CVE-2024-39487, CVE-2024-39490, CVE-2024-39494, CVE-2024-39496, CVE-2024-39498, CVE-2024-39502, CVE-2024-39504, CVE-2024-39507, CVE-2024-40901, CVE-2024-40906, CVE-2024-40908, CVE-2024-40919, CVE-2024-40923, CVE-2024-40925, CVE-2024-40928, CVE-2024-40931, CVE-2024-40935, CVE-2024-40937, CVE-2024-40940, CVE-2024-40947, CVE-2024-40948, CVE-2024-40953, CVE-2024-40960, CVE-2024-40961, CVE-2024-40966, CVE-2024-40970, CVE-2024-40972, CVE-2024-40975, CVE-2024-40979, CVE-2024-40998, CVE-2024-40999, CVE-2024-41006, CVE-2024-41011, CVE-2024-41013, CVE-2024-41014, CVE-2024-41017, CVE-2024-41090, CVE-2024-41091

SuSE: SUSE-SU-2024:2802-1