Upstream information
Description
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Immediately reset the MMU context when the SMM flag is cleared Immediately reset the MMU context when the vCPU's SMM flag is cleared so that the SMM flag in the MMU role is always synchronized with the vCPU's flag. If RSM fails (which isn't correctly emulated), KVM will bail without calling post_leave_smm() and leave the MMU in a bad state. The bad MMU role can lead to a NULL pointer dereference when grabbing a shadow page's rmap for a page fault as the initial lookups for the gfn will happen with the vCPU's SMM flag (=0), whereas the rmap lookup will use the shadow page's SMM flag, which comes from the MMU (=1). SMM has an entirely different set of memslots, and so the initial lookup can find a memslot (SMM=0) and then explode on the rmap memslot lookup (SMM=1). general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] CPU: 1 PID: 8410 Comm: syz-executor382 Not tainted 5.13.0-rc5-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 RIP: 0010:__gfn_to_rmap arch/x86/kvm/mmu/mmu.c:935 [inline] RIP: 0010:gfn_to_rmap+0x2b0/0x4d0 arch/x86/kvm/mmu/mmu.c:947 Code: <42> 80 3c 20 00 74 08 4c 89 ff e8 f1 79 a9 00 4c 89 fb 4d 8b 37 44 RSP: 0018:ffffc90000ffef98 EFLAGS: 00010246 RAX: 0000000000000000 RBX: ffff888015b9f414 RCX: ffff888019669c40 RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001 RBP: 0000000000000001 R08: ffffffff811d9cdb R09: ffffed10065a6002 R10: ffffed10065a6002 R11: 0000000000000000 R12: dffffc0000000000 R13: 0000000000000003 R14: 0000000000000001 R15: 0000000000000000 FS: 000000000124b300(0000) GS:ffff8880b9b00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000000 CR3: 0000000028e31000 CR4: 00000000001526e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: rmap_add arch/x86/kvm/mmu/mmu.c:965 [inline] mmu_set_spte+0x862/0xe60 arch/x86/kvm/mmu/mmu.c:2604 __direct_map arch/x86/kvm/mmu/mmu.c:2862 [inline] direct_page_fault+0x1f74/0x2b70 arch/x86/kvm/mmu/mmu.c:3769 kvm_mmu_do_page_fault arch/x86/kvm/mmu.h:124 [inline] kvm_mmu_page_fault+0x199/0x1440 arch/x86/kvm/mmu/mmu.c:5065 vmx_handle_exit+0x26/0x160 arch/x86/kvm/vmx/vmx.c:6122 vcpu_enter_guest+0x3bdd/0x9630 arch/x86/kvm/x86.c:9428 vcpu_run+0x416/0xc20 arch/x86/kvm/x86.c:9494 kvm_arch_vcpu_ioctl_run+0x4e8/0xa40 arch/x86/kvm/x86.c:9722 kvm_vcpu_ioctl+0x70f/0xbb0 arch/x86/kvm/../../../virt/kvm/kvm_main.c:3460 vfs_ioctl fs/ioctl.c:51 [inline] __do_sys_ioctl fs/ioctl.c:1069 [inline] __se_sys_ioctl+0xfb/0x170 fs/ioctl.c:1055 do_syscall_64+0x3f/0xb0 arch/x86/entry/common.c:47 entry_SYSCALL_64_after_hwframe+0x44/0xae RIP: 0033:0x440ce9SUSE information
Overall state of this security issue: Pending
This issue is currently rated as having moderate severity.
| SUSE | |
|---|---|
| Base Score | 5.5 |
| Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
| Attack Vector | Local |
| Attack Complexity | Low |
| Privileges Required | Low |
| User Interaction | None |
| Scope | Unchanged |
| Confidentiality Impact | None |
| Integrity Impact | None |
| Availability Impact | High |
| CVSSv3 Version | 3.1 |
SUSE Security Advisories:
- SUSE-SU-2024:2010-1, published Wed Jun 12 20:32:07 UTC 2024
- SUSE-SU-2024:2185-1, published Mon Jun 24 20:32:32 UTC 2024
List of released packages
| Product(s) | Fixed package version(s) | References |
|---|---|---|
| Container suse/sle-micro-rancher/5.2:latest |
| |
| SUSE Enterprise Storage 7.1 |
| Patchnames: SUSE-Storage-7.1-2024-2185 |
| SUSE Linux Enterprise High Availability Extension 15 SP3 |
| Patchnames: SUSE-SLE-Product-HA-15-SP3-2024-2185 |
| SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS |
| Patchnames: SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-2185 |
| SUSE Linux Enterprise Live Patching 15 SP3 | Patchnames: SUSE-SLE-Module-Live-Patching-15-SP3-2024-2185 | |
| SUSE Linux Enterprise Micro 5.1 |
| Patchnames: SUSE-SUSE-MicroOS-5.1-2024-2010 SUSE-SUSE-MicroOS-5.1-2024-2185 |
| SUSE Linux Enterprise Micro 5.2 |
| Patchnames: SUSE-SUSE-MicroOS-5.2-2024-2010 SUSE-SUSE-MicroOS-5.2-2024-2185 |
| SUSE Linux Enterprise Server 15 SP3-LTSS |
| Patchnames: SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-2185 |
| SUSE Linux Enterprise Server for SAP Applications 15 SP3 |
| Patchnames: SUSE-SLE-Product-SLES_SAP-15-SP3-2024-2185 |
Status of this issue by product and package
Please note that this evaluation state might be work in progress, incomplete or outdated. Also information for service packs in the LTSS phase is only included for issues meeting the LTSS criteria. If in doubt, feel free to contact us for clarification. The updates are grouped by state of their lifecycle. SUSE product lifecycles are documented on the lifecycle page.
| Product(s) | Source package | State |
|---|---|---|
| Products under general support and receiving all security fixes. | ||
| SLES15-SP5-CHOST-BYOS-Aliyun | kernel-default | Analysis |
| SLES15-SP5-CHOST-BYOS-Azure | kernel-default | Analysis |
| SLES15-SP5-CHOST-BYOS-EC2 | kernel-default | Analysis |
| SLES15-SP5-CHOST-BYOS-GCE | kernel-default | Analysis |
| SLES15-SP5-CHOST-BYOS-SAP-CCloud | kernel-default | Analysis |
| SUSE Enterprise Storage 7.1 | kernel-64kb | Released |
| SUSE Enterprise Storage 7.1 | kernel-default | Released |
| SUSE Enterprise Storage 7.1 | kernel-default-base | Released |
| SUSE Enterprise Storage 7.1 | kernel-docs | Released |
| SUSE Enterprise Storage 7.1 | kernel-obs-build | Released |
| SUSE Enterprise Storage 7.1 | kernel-preempt | Released |
| SUSE Enterprise Storage 7.1 | kernel-source | Released |
| SUSE Enterprise Storage 7.1 | kernel-syms | Released |
| SUSE Enterprise Storage 7.1 | kernel-zfcpdump | Affected |
| SUSE Linux Enterprise Desktop 15 SP5 | kernel-default | Already fixed |
| SUSE Linux Enterprise Desktop 15 SP5 | kernel-source | Already fixed |
| SUSE Linux Enterprise Desktop 15 SP6 | kernel-default | Already fixed |
| SUSE Linux Enterprise Desktop 15 SP6 | kernel-source | Already fixed |
| SUSE Linux Enterprise High Availability Extension 15 SP5 | kernel-default | Analysis |
| SUSE Linux Enterprise High Performance Computing 12 SP5 | kernel-default | Not affected |
| SUSE Linux Enterprise High Performance Computing 12 SP5 | kernel-source | Not affected |
| SUSE Linux Enterprise High Performance Computing 12 SP5 | kernel-source-azure | Not affected |
| SUSE Linux Enterprise High Performance Computing 15 SP5 | kernel-default | Already fixed |
| SUSE Linux Enterprise High Performance Computing 15 SP5 | kernel-source | Already fixed |
| SUSE Linux Enterprise High Performance Computing 15 SP5 | kernel-source-azure | Already fixed |
| SUSE Linux Enterprise High Performance Computing 15 SP6 | kernel-default | Already fixed |
| SUSE Linux Enterprise High Performance Computing 15 SP6 | kernel-source | Already fixed |
| SUSE Linux Enterprise High Performance Computing 15 SP6 | kernel-source-azure | Already fixed |
| SUSE Linux Enterprise Live Patching 15 SP5 | kernel-default | Analysis |
| SUSE Linux Enterprise Micro 5.1 | kernel-default | Released |
| SUSE Linux Enterprise Micro 5.1 | kernel-default-base | Released |
| SUSE Linux Enterprise Micro 5.1 | kernel-rt | Released |
| SUSE Linux Enterprise Micro 5.1 | kernel-source-rt | Released |
| SUSE Linux Enterprise Micro 5.2 | kernel-default | Released |
| SUSE Linux Enterprise Micro 5.2 | kernel-default-base | Released |
| SUSE Linux Enterprise Micro 5.2 | kernel-rt | Released |
| SUSE Linux Enterprise Micro 5.2 | kernel-source-rt | Released |
| SUSE Linux Enterprise Micro 5.3 | kernel-default | Already fixed |
| SUSE Linux Enterprise Micro 5.3 | kernel-rt | Already fixed |
| SUSE Linux Enterprise Micro 5.3 | kernel-source-rt | Already fixed |
| SUSE Linux Enterprise Micro 5.4 | kernel-default | Already fixed |
| SUSE Linux Enterprise Micro 5.4 | kernel-rt | Already fixed |
| SUSE Linux Enterprise Micro 5.4 | kernel-source-rt | Already fixed |
| SUSE Linux Enterprise Micro 5.5 | kernel-default | Analysis |
| SUSE Linux Enterprise Micro 5.5 | kernel-source-rt | Already fixed |
| SUSE Linux Enterprise Micro for Rancher 5.2 | kernel-default | Released |
| SUSE Linux Enterprise Micro for Rancher 5.2 | kernel-rt | Released |
| SUSE Linux Enterprise Micro for Rancher 5.2 | kernel-source-rt | Released |
| SUSE Linux Enterprise Module for Basesystem 15 SP5 | kernel-default | Already fixed |
| SUSE Linux Enterprise Module for Basesystem 15 SP5 | kernel-source | Already fixed |
| SUSE Linux Enterprise Module for Basesystem 15 SP6 | kernel-default | Already fixed |
| SUSE Linux Enterprise Module for Basesystem 15 SP6 | kernel-source | Already fixed |
| SUSE Linux Enterprise Module for Development Tools 15 SP5 | kernel-default | Already fixed |
| SUSE Linux Enterprise Module for Development Tools 15 SP5 | kernel-source | Already fixed |
| SUSE Linux Enterprise Module for Development Tools 15 SP6 | kernel-default | Already fixed |
| SUSE Linux Enterprise Module for Development Tools 15 SP6 | kernel-source | Already fixed |
| SUSE Linux Enterprise Module for Legacy 15 SP5 | kernel-default | Analysis |
| SUSE Linux Enterprise Module for Public Cloud 15 SP5 | kernel-source-azure | Already fixed |
| SUSE Linux Enterprise Module for Public Cloud 15 SP6 | kernel-source-azure | Already fixed |
| SUSE Linux Enterprise Real Time 12 SP5 | kernel-source-rt | Not affected |
| SUSE Linux Enterprise Real Time 15 SP5 | kernel-source-rt | Already fixed |
| SUSE Linux Enterprise Real Time 15 SP6 | kernel-source-rt | Already fixed |
| SUSE Linux Enterprise Server 12 SP5 | kernel-default | Not affected |
| SUSE Linux Enterprise Server 12 SP5 | kernel-source | Not affected |
| SUSE Linux Enterprise Server 12 SP5 | kernel-source-azure | Not affected |
| SUSE Linux Enterprise Server 15 SP5 | kernel-default | Already fixed |
| SUSE Linux Enterprise Server 15 SP5 | kernel-source | Already fixed |
| SUSE Linux Enterprise Server 15 SP5 | kernel-source-azure | Already fixed |
| SUSE Linux Enterprise Server 15 SP6 | kernel-default | Already fixed |
| SUSE Linux Enterprise Server 15 SP6 | kernel-source | Already fixed |
| SUSE Linux Enterprise Server 15 SP6 | kernel-source-azure | Already fixed |
| SUSE Linux Enterprise Server for SAP Applications 12 SP5 | kernel-default | Not affected |
| SUSE Linux Enterprise Server for SAP Applications 12 SP5 | kernel-source | Not affected |
| SUSE Linux Enterprise Server for SAP Applications 12 SP5 | kernel-source-azure | Not affected |
| SUSE Linux Enterprise Server for SAP Applications 15 SP5 | kernel-default | Already fixed |
| SUSE Linux Enterprise Server for SAP Applications 15 SP5 | kernel-source | Already fixed |
| SUSE Linux Enterprise Server for SAP Applications 15 SP5 | kernel-source-azure | Already fixed |
| SUSE Linux Enterprise Server for SAP Applications 15 SP6 | kernel-default | Already fixed |
| SUSE Linux Enterprise Server for SAP Applications 15 SP6 | kernel-source | Already fixed |
| SUSE Linux Enterprise Server for SAP Applications 15 SP6 | kernel-source-azure | Already fixed |
| SUSE Linux Enterprise Workstation Extension 15 SP5 | kernel-default | Analysis |
| SUSE Manager Proxy 4.3 | kernel-default | Already fixed |
| SUSE Manager Proxy 4.3 | kernel-source | Already fixed |
| SUSE Manager Retail Branch Server 4.3 | kernel-default | Already fixed |
| SUSE Manager Retail Branch Server 4.3 | kernel-source | Already fixed |
| SUSE Manager Server 4.3 | kernel-default | Already fixed |
| SUSE Manager Server 4.3 | kernel-source | Already fixed |
| SUSE Real Time Module 15 SP5 | kernel-source-rt | Already fixed |
| SUSE Real Time Module 15 SP6 | kernel-source-rt | Already fixed |
| openSUSE Leap 15.5 | kernel-default | Already fixed |
| openSUSE Leap 15.5 | kernel-source | Already fixed |
| openSUSE Leap 15.5 | kernel-source-azure | Already fixed |
| openSUSE Leap 15.5 | kernel-source-rt | Already fixed |
| openSUSE Leap 15.6 | kernel-default | Already fixed |
| openSUSE Leap 15.6 | kernel-source | Already fixed |
| openSUSE Leap 15.6 | kernel-source-azure | Already fixed |
| openSUSE Leap 15.6 | kernel-source-rt | Already fixed |
| Products under Long Term Service Pack support and receiving important and critical security fixes. | ||
| SLES15-SP3-CHOST-BYOS-Aliyun | kernel-default | In progress |
| SLES15-SP3-CHOST-BYOS-Azure | kernel-default | In progress |
| SLES15-SP3-CHOST-BYOS-EC2 | kernel-default | In progress |
| SLES15-SP3-CHOST-BYOS-GCE | kernel-default | In progress |
| SLES15-SP3-CHOST-BYOS-SAP-CCloud | kernel-default | In progress |
| SUSE Linux Enterprise Desktop 15 SP4 | kernel-source | Already fixed |
| SUSE Linux Enterprise High Availability Extension 15 SP3 | kernel-default | Released |
| SUSE Linux Enterprise High Performance Computing 15 SP2 | kernel-source | Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS | kernel-source | Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS | kernel-default | Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS | kernel-source | Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP3 | kernel-64kb | Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP3 | kernel-default | Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP3 | kernel-docs | Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP3 | kernel-obs-build | Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP3 | kernel-preempt | Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP3 | kernel-source | Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP3 | kernel-syms | Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP3 | kernel-zfcpdump | Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS | kernel-64kb | Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS | kernel-default | Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS | kernel-docs | Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS | kernel-obs-build | Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS | kernel-preempt | Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS | kernel-source | Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS | kernel-syms | Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS | kernel-64kb | Released |
| SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS | kernel-default | Released |
| SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS | kernel-default-base | Released |
| SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS | kernel-docs | Released |
| SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS | kernel-obs-build | Released |
| SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS | kernel-preempt | Released |
| SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS | kernel-source | Released |
| SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS | kernel-syms | Released |
| SUSE Linux Enterprise High Performance Computing 15 SP4 | kernel-source | Already fixed |
| SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS | kernel-default | Already fixed |
| SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS | kernel-source | Already fixed |
| SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS | kernel-default | Already fixed |
| SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS | kernel-source | Already fixed |
| SUSE Linux Enterprise Live Patching 15 SP3 | kernel-default | Released |
| SUSE Linux Enterprise Live Patching 15 SP3 | kernel-livepatch-SLE15-SP3_Update_45 | Released |
| SUSE Linux Enterprise Module for Basesystem 15 SP2 | kernel-source | Affected |
| SUSE Linux Enterprise Module for Basesystem 15 SP3 | kernel-64kb | Affected |
| SUSE Linux Enterprise Module for Basesystem 15 SP3 | kernel-default | Affected |
| SUSE Linux Enterprise Module for Basesystem 15 SP3 | kernel-preempt | Affected |
| SUSE Linux Enterprise Module for Basesystem 15 SP3 | kernel-source | Affected |
| SUSE Linux Enterprise Module for Basesystem 15 SP3 | kernel-zfcpdump | Affected |
| SUSE Linux Enterprise Module for Basesystem 15 SP4 | kernel-source | Already fixed |
| SUSE Linux Enterprise Module for Development Tools 15 SP2 | kernel-source | Affected |
| SUSE Linux Enterprise Module for Development Tools 15 SP3 | kernel-docs | Affected |
| SUSE Linux Enterprise Module for Development Tools 15 SP3 | kernel-obs-build | Affected |
| SUSE Linux Enterprise Module for Development Tools 15 SP3 | kernel-preempt | Affected |
| SUSE Linux Enterprise Module for Development Tools 15 SP3 | kernel-source | Affected |
| SUSE Linux Enterprise Module for Development Tools 15 SP3 | kernel-syms | Affected |
| SUSE Linux Enterprise Module for Development Tools 15 SP4 | kernel-source | Already fixed |
| SUSE Linux Enterprise Module for Legacy 15 SP3 | kernel-default | Affected |
| SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE | kernel-default | Not affected |
| SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE | kernel-source | Not affected |
| SUSE Linux Enterprise Server 15 SP2 | kernel-source | Affected |
| SUSE Linux Enterprise Server 15 SP2-LTSS | kernel-default | Affected |
| SUSE Linux Enterprise Server 15 SP2-LTSS | kernel-source | Affected |
| SUSE Linux Enterprise Server 15 SP3 | kernel-64kb | Affected |
| SUSE Linux Enterprise Server 15 SP3 | kernel-default | Affected |
| SUSE Linux Enterprise Server 15 SP3 | kernel-docs | Affected |
| SUSE Linux Enterprise Server 15 SP3 | kernel-obs-build | Affected |
| SUSE Linux Enterprise Server 15 SP3 | kernel-preempt | Affected |
| SUSE Linux Enterprise Server 15 SP3 | kernel-source | Affected |
| SUSE Linux Enterprise Server 15 SP3 | kernel-syms | Affected |
| SUSE Linux Enterprise Server 15 SP3 | kernel-zfcpdump | Affected |
| SUSE Linux Enterprise Server 15 SP3-LTSS | kernel-64kb | Released |
| SUSE Linux Enterprise Server 15 SP3-LTSS | kernel-default | Released |
| SUSE Linux Enterprise Server 15 SP3-LTSS | kernel-default-base | Released |
| SUSE Linux Enterprise Server 15 SP3-LTSS | kernel-docs | Released |
| SUSE Linux Enterprise Server 15 SP3-LTSS | kernel-obs-build | Released |
| SUSE Linux Enterprise Server 15 SP3-LTSS | kernel-preempt | Released |
| SUSE Linux Enterprise Server 15 SP3-LTSS | kernel-source | Released |
| SUSE Linux Enterprise Server 15 SP3-LTSS | kernel-syms | Released |
| SUSE Linux Enterprise Server 15 SP3-LTSS | kernel-zfcpdump | Released |
| SUSE Linux Enterprise Server 15 SP4 | kernel-source | Already fixed |
| SUSE Linux Enterprise Server 15 SP4-LTSS | kernel-default | Already fixed |
| SUSE Linux Enterprise Server 15 SP4-LTSS | kernel-source | Already fixed |
| SUSE Linux Enterprise Server for SAP Applications 15 SP2 | kernel-default | Affected |
| SUSE Linux Enterprise Server for SAP Applications 15 SP2 | kernel-source | Affected |
| SUSE Linux Enterprise Server for SAP Applications 15 SP3 | kernel-64kb | Affected |
| SUSE Linux Enterprise Server for SAP Applications 15 SP3 | kernel-default | Released |
| SUSE Linux Enterprise Server for SAP Applications 15 SP3 | kernel-default-base | Released |
| SUSE Linux Enterprise Server for SAP Applications 15 SP3 | kernel-docs | Released |
| SUSE Linux Enterprise Server for SAP Applications 15 SP3 | kernel-obs-build | Released |
| SUSE Linux Enterprise Server for SAP Applications 15 SP3 | kernel-preempt | Released |
| SUSE Linux Enterprise Server for SAP Applications 15 SP3 | kernel-source | Released |
| SUSE Linux Enterprise Server for SAP Applications 15 SP3 | kernel-syms | Released |
| SUSE Linux Enterprise Server for SAP Applications 15 SP3 | kernel-zfcpdump | Affected |
| SUSE Linux Enterprise Server for SAP Applications 15 SP4 | kernel-default | Already fixed |
| SUSE Linux Enterprise Server for SAP Applications 15 SP4 | kernel-source | Already fixed |
| Products past their end of life and not receiving proactive updates anymore. | ||
| HPE Helion OpenStack 8 | kernel-source | Not affected |
| SUSE CaaS Platform 4.0 | kernel-source | Not affected |
| SUSE Enterprise Storage 6 | kernel-source | Not affected |
| SUSE Enterprise Storage 7 | kernel-source | Affected |
| SUSE Linux Enterprise Desktop 12 SP3 | kernel-source | Not affected |
| SUSE Linux Enterprise Desktop 12 SP4 | kernel-source | Not affected |
| SUSE Linux Enterprise Desktop 15 | kernel-source | Not affected |
| SUSE Linux Enterprise Desktop 15 SP1 | kernel-source | Not affected |
| SUSE Linux Enterprise Desktop 15 SP2 | kernel-source | Affected |
| SUSE Linux Enterprise Desktop 15 SP3 | kernel-64kb | Affected |
| SUSE Linux Enterprise Desktop 15 SP3 | kernel-default | Affected |
| SUSE Linux Enterprise Desktop 15 SP3 | kernel-docs | Affected |
| SUSE Linux Enterprise Desktop 15 SP3 | kernel-obs-build | Affected |
| SUSE Linux Enterprise Desktop 15 SP3 | kernel-preempt | Affected |
| SUSE Linux Enterprise Desktop 15 SP3 | kernel-source | Affected |
| SUSE Linux Enterprise Desktop 15 SP3 | kernel-syms | Affected |
| SUSE Linux Enterprise Desktop 15 SP3 | kernel-zfcpdump | Affected |
| SUSE Linux Enterprise High Performance Computing 15 | kernel-source | Not affected |
| SUSE Linux Enterprise High Performance Computing 15 SP1 | kernel-source | Not affected |
| SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS | kernel-source | Not affected |
| SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS | kernel-source | Not affected |
| SUSE Linux Enterprise High Performance Computing 15-ESPOS | kernel-source | Not affected |
| SUSE Linux Enterprise High Performance Computing 15-LTSS | kernel-source | Not affected |
| SUSE Linux Enterprise Micro 5.0 | kernel-default | Not affected |
| SUSE Linux Enterprise Module for Basesystem 15 | kernel-source | Not affected |
| SUSE Linux Enterprise Module for Basesystem 15 SP1 | kernel-source | Not affected |
| SUSE Linux Enterprise Module for Development Tools 15 | kernel-source | Not affected |
| SUSE Linux Enterprise Module for Development Tools 15 SP1 | kernel-source | Not affected |
| SUSE Linux Enterprise Real Time 15 SP2 | kernel-source | Affected |
| SUSE Linux Enterprise Real Time 15 SP3 | kernel-default | Affected |
| SUSE Linux Enterprise Real Time 15 SP3 | kernel-docs | Affected |
| SUSE Linux Enterprise Real Time 15 SP3 | kernel-obs-build | Affected |
| SUSE Linux Enterprise Real Time 15 SP3 | kernel-preempt | Affected |
| SUSE Linux Enterprise Real Time 15 SP3 | kernel-rt | Affected |
| SUSE Linux Enterprise Real Time 15 SP3 | kernel-rt_debug | Affected |
| SUSE Linux Enterprise Real Time 15 SP3 | kernel-source | Affected |
| SUSE Linux Enterprise Real Time 15 SP3 | kernel-source-rt | Affected |
| SUSE Linux Enterprise Real Time 15 SP3 | kernel-syms | Affected |
| SUSE Linux Enterprise Real Time 15 SP3 | kernel-syms-rt | Affected |
| SUSE Linux Enterprise Real Time 15 SP4 | kernel-source | Already fixed |
| SUSE Linux Enterprise Real Time 15 SP4 | kernel-source-rt | Already fixed |
| SUSE Linux Enterprise Server 11 SP4 | kernel-source | Not affected |
| SUSE Linux Enterprise Server 11 SP4 LTSS | kernel-default | Not affected |
| SUSE Linux Enterprise Server 11 SP4 LTSS | kernel-source | Not affected |
| SUSE Linux Enterprise Server 11 SP4-LTSS | kernel-source | Not affected |
| SUSE Linux Enterprise Server 12 SP3 | kernel-source | Not affected |
| SUSE Linux Enterprise Server 12 SP3-BCL | kernel-source | Not affected |
| SUSE Linux Enterprise Server 12 SP3-ESPOS | kernel-source | Not affected |
| SUSE Linux Enterprise Server 12 SP3-LTSS | kernel-source | Not affected |
| SUSE Linux Enterprise Server 12 SP4 | kernel-source | Not affected |
| SUSE Linux Enterprise Server 12 SP4-ESPOS | kernel-source | Not affected |
| SUSE Linux Enterprise Server 12 SP4-LTSS | kernel-default | Not affected |
| SUSE Linux Enterprise Server 12 SP4-LTSS | kernel-source | Not affected |
| SUSE Linux Enterprise Server 15 | kernel-source | Not affected |
| SUSE Linux Enterprise Server 15 SP1 | kernel-source | Not affected |
| SUSE Linux Enterprise Server 15 SP1-BCL | kernel-source | Not affected |
| SUSE Linux Enterprise Server 15 SP1-LTSS | kernel-default | Not affected |
| SUSE Linux Enterprise Server 15 SP1-LTSS | kernel-source | Not affected |
| SUSE Linux Enterprise Server 15 SP2-BCL | kernel-source | Affected |
| SUSE Linux Enterprise Server 15 SP3-BCL | kernel-default | Affected |
| SUSE Linux Enterprise Server 15 SP3-BCL | kernel-docs | Affected |
| SUSE Linux Enterprise Server 15 SP3-BCL | kernel-obs-build | Affected |
| SUSE Linux Enterprise Server 15 SP3-BCL | kernel-preempt | Affected |
| SUSE Linux Enterprise Server 15 SP3-BCL | kernel-source | Affected |
| SUSE Linux Enterprise Server 15 SP3-BCL | kernel-syms | Affected |
| SUSE Linux Enterprise Server 15-LTSS | kernel-default | Not affected |
| SUSE Linux Enterprise Server 15-LTSS | kernel-source | Not affected |
| SUSE Linux Enterprise Server for SAP Applications 12 SP3 | kernel-source | Not affected |
| SUSE Linux Enterprise Server for SAP Applications 12 SP4 | kernel-default | Not affected |
| SUSE Linux Enterprise Server for SAP Applications 12 SP4 | kernel-source | Not affected |
| SUSE Linux Enterprise Server for SAP Applications 15 | kernel-source | Not affected |
| SUSE Linux Enterprise Server for SAP Applications 15 SP1 | kernel-source | Not affected |
| SUSE Linux Enterprise Workstation Extension 15 SP3 | kernel-default | Affected |
| SUSE Linux Enterprise Workstation Extension 15 SP3 | kernel-preempt | Affected |
| SUSE Manager Proxy 4.0 | kernel-source | Not affected |
| SUSE Manager Proxy 4.1 | kernel-source | Affected |
| SUSE Manager Proxy 4.2 | kernel-64kb | Affected |
| SUSE Manager Proxy 4.2 | kernel-default | Affected |
| SUSE Manager Proxy 4.2 | kernel-docs | Affected |
| SUSE Manager Proxy 4.2 | kernel-obs-build | Affected |
| SUSE Manager Proxy 4.2 | kernel-preempt | Affected |
| SUSE Manager Proxy 4.2 | kernel-source | Affected |
| SUSE Manager Proxy 4.2 | kernel-syms | Affected |
| SUSE Manager Proxy 4.2 | kernel-zfcpdump | Affected |
| SUSE Manager Retail Branch Server 4.0 | kernel-source | Not affected |
| SUSE Manager Retail Branch Server 4.1 | kernel-source | Affected |
| SUSE Manager Retail Branch Server 4.2 | kernel-64kb | Affected |
| SUSE Manager Retail Branch Server 4.2 | kernel-default | Affected |
| SUSE Manager Retail Branch Server 4.2 | kernel-docs | Affected |
| SUSE Manager Retail Branch Server 4.2 | kernel-obs-build | Affected |
| SUSE Manager Retail Branch Server 4.2 | kernel-preempt | Affected |
| SUSE Manager Retail Branch Server 4.2 | kernel-source | Affected |
| SUSE Manager Retail Branch Server 4.2 | kernel-syms | Affected |
| SUSE Manager Retail Branch Server 4.2 | kernel-zfcpdump | Affected |
| SUSE Manager Server 4.0 | kernel-source | Not affected |
| SUSE Manager Server 4.1 | kernel-source | Affected |
| SUSE Manager Server 4.2 | kernel-64kb | Affected |
| SUSE Manager Server 4.2 | kernel-default | Affected |
| SUSE Manager Server 4.2 | kernel-docs | Affected |
| SUSE Manager Server 4.2 | kernel-obs-build | Affected |
| SUSE Manager Server 4.2 | kernel-preempt | Affected |
| SUSE Manager Server 4.2 | kernel-source | Affected |
| SUSE Manager Server 4.2 | kernel-syms | Affected |
| SUSE Manager Server 4.2 | kernel-zfcpdump | Affected |
| SUSE OpenStack Cloud 8 | kernel-source | Not affected |
| SUSE OpenStack Cloud 9 | kernel-default | Not affected |
| SUSE OpenStack Cloud 9 | kernel-source | Not affected |
| SUSE OpenStack Cloud Crowbar 8 | kernel-source | Not affected |
| SUSE OpenStack Cloud Crowbar 9 | kernel-default | Not affected |
| SUSE OpenStack Cloud Crowbar 9 | kernel-source | Not affected |
| SUSE Real Time Module 15 SP3 | kernel-rt | Affected |
| SUSE Real Time Module 15 SP3 | kernel-rt_debug | Affected |
| SUSE Real Time Module 15 SP3 | kernel-source-rt | Affected |
| SUSE Real Time Module 15 SP3 | kernel-syms-rt | Affected |
| SUSE Real Time Module 15 SP4 | kernel-source-rt | Already fixed |
| openSUSE Leap 15.3 | dtb-aarch64 | Released |
| openSUSE Leap 15.3 | kernel-64kb | Released |
| openSUSE Leap 15.3 | kernel-debug | Released |
| openSUSE Leap 15.3 | kernel-default | Released |
| openSUSE Leap 15.3 | kernel-docs | Released |
| openSUSE Leap 15.3 | kernel-kvmsmall | Released |
| openSUSE Leap 15.3 | kernel-lpae | Released |
| openSUSE Leap 15.3 | kernel-obs-build | Released |
| openSUSE Leap 15.3 | kernel-obs-qa | Released |
| openSUSE Leap 15.3 | kernel-preempt | Released |
| openSUSE Leap 15.3 | kernel-source | Released |
| openSUSE Leap 15.3 | kernel-syms | Released |
| openSUSE Leap 15.3 | kernel-zfcpdump | Released |
| Container Status | ||
| suse/hpc/warewulf4-x86_64/sle-hpc-node | kernel-default | Analysis |
| suse/sle-micro-rancher/5.2 | kernel-default | Released |
| suse/sles/15.3/libguestfs-tools:0.45.0 | kernel-kvmsmall | In progress |
SUSE Timeline for this CVE
CVE page created: Tue May 21 18:00:25 2024CVE page last modified: Wed Jun 26 19:41:57 2024