CVE-2024-53216 Common Vulnerabilities and Exposures

Upstream information

CVE-2024-53216 at MITRE

Description

In the Linux kernel, the following vulnerability has been resolved:

nfsd: release svc_expkey/svc_export with rcu_work

The last reference for `cache_head` can be reduced to zero in `c_show`
and `e_show`(using `rcu_read_lock` and `rcu_read_unlock`). Consequently,
`svc_export_put` and `expkey_put` will be invoked, leading to two
issues:

1. The `svc_export_put` will directly free ex_uuid. However,
`e_show`/`c_show` will access `ex_uuid` after `cache_put`, which can
trigger a use-after-free issue, shown below.

==================================================================
BUG: KASAN: slab-use-after-free in svc_export_show+0x362/0x430 [nfsd]
Read of size 1 at addr ff11000010fdc120 by task cat/870

CPU: 1 UID: 0 PID: 870 Comm: cat Not tainted 6.12.0-rc3+ #1
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS
1.16.1-2.fc37 04/01/2014
Call Trace:
<TASK>
dump_stack_lvl+0x53/0x70
print_address_description.constprop.0+0x2c/0x3a0
print_report+0xb9/0x280
kasan_report+0xae/0xe0
svc_export_show+0x362/0x430 [nfsd]
c_show+0x161/0x390 [sunrpc]
seq_read_iter+0x589/0x770
seq_read+0x1e5/0x270
proc_reg_read+0xe1/0x140
vfs_read+0x125/0x530
ksys_read+0xc1/0x160
do_syscall_64+0x5f/0x170
entry_SYSCALL_64_after_hwframe+0x76/0x7e

Allocated by task 830:
kasan_save_stack+0x20/0x40
kasan_save_track+0x14/0x30
__kasan_kmalloc+0x8f/0xa0
__kmalloc_node_track_caller_noprof+0x1bc/0x400
kmemdup_noprof+0x22/0x50
svc_export_parse+0x8a9/0xb80 [nfsd]
cache_do_downcall+0x71/0xa0 [sunrpc]
cache_write_procfs+0x8e/0xd0 [sunrpc]
proc_reg_write+0xe1/0x140
vfs_write+0x1a5/0x6d0
ksys_write+0xc1/0x160
do_syscall_64+0x5f/0x170
entry_SYSCALL_64_after_hwframe+0x76/0x7e

Freed by task 868:
kasan_save_stack+0x20/0x40
kasan_save_track+0x14/0x30
kasan_save_free_info+0x3b/0x60
__kasan_slab_free+0x37/0x50
kfree+0xf3/0x3e0
svc_export_put+0x87/0xb0 [nfsd]
cache_purge+0x17f/0x1f0 [sunrpc]
nfsd_destroy_serv+0x226/0x2d0 [nfsd]
nfsd_svc+0x125/0x1e0 [nfsd]
write_threads+0x16a/0x2a0 [nfsd]
nfsctl_transaction_write+0x74/0xa0 [nfsd]
vfs_write+0x1a5/0x6d0
ksys_write+0xc1/0x160
do_syscall_64+0x5f/0x170
entry_SYSCALL_64_after_hwframe+0x76/0x7e

2. We cannot sleep while using `rcu_read_lock`/`rcu_read_unlock`.
However, `svc_export_put`/`expkey_put` will call path_put, which
subsequently triggers a sleeping operation due to the following
`dput`.

=============================
WARNING: suspicious RCU usage
5.10.0-dirty #141 Not tainted
-----------------------------
...
Call Trace:
dump_stack+0x9a/0xd0
___might_sleep+0x231/0x240
dput+0x39/0x600
path_put+0x1b/0x30
svc_export_put+0x17/0x80
e_show+0x1c9/0x200
seq_read_iter+0x63f/0x7c0
seq_read+0x226/0x2d0
vfs_read+0x113/0x2c0
ksys_read+0xc9/0x170
do_syscall_64+0x33/0x40
entry_SYSCALL_64_after_hwframe+0x67/0xd1

Fix these issues by using `rcu_work` to help release
`svc_expkey`/`svc_export`. This approach allows for an asynchronous
context to invoke `path_put` and also facilitates the freeing of
`uuid/exp/key` after an RCU grace period.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having moderate severity.

CVSS v3 Scores
	SUSE
Base Score	6.6
Vector	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
Attack Vector	Local
Attack Complexity	Low
Privileges Required	Low
User Interaction	None
Scope	Unchanged
Confidentiality Impact	Low
Integrity Impact	Low
Availability Impact	High
CVSSv3 Version	3.1

CVSS v4 Scores
	SUSE
Base Score	6.9
Vector	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
Attack Vector	Local
Attack Complexity	Low
Attack Requirements	None
Privileges Required	Low
User Interaction	None
Vulnerable System Confidentiality Impact	Low
Vulnerable System Integrity Impact	Low
Vulnerable System Availability Impact	High
Subsequent System Confidentiality Impact	None
Subsequent System Integrity Impact	None
Subsequent System Availability Impact	None
CVSSv4 Version	4.0

Note from the SUSE Security Team on the kernel-default package

SUSE will no longer fix all CVEs in the Linux Kernel anymore, but declare some bug classes as won't fix. Please refer to TID 21496 for more details.

SUSE Bugzilla entry: 1235003 [IN_PROGRESS]

SUSE Security Advisories:

SUSE-SU-2025:0117-1, published 2025-01-15T09:07:51Z
SUSE-SU-2025:0153-1, published 2025-01-17T09:14:13Z
SUSE-SU-2025:0154-1, published 2025-01-17T09:15:31Z

List of released packages

Product(s)	Fixed package version(s)	References
Container suse/hpc/warewulf4-x86_64/sle-hpc-node:latest	`kernel-default >= 6.4.0-150600.23.33.1`
SUSE Linux Enterprise Desktop 15 SP6	`kernel-64kb >= 6.4.0-150600.23.33.1` `kernel-64kb-devel >= 6.4.0-150600.23.33.1` `kernel-default >= 6.4.0-150600.23.33.1` `kernel-default-base >= 6.4.0-150600.23.33.1.150600.12.14.1` `kernel-default-devel >= 6.4.0-150600.23.33.1` `kernel-default-extra >= 6.4.0-150600.23.33.1` `kernel-devel >= 6.4.0-150600.23.33.1` `kernel-docs >= 6.4.0-150600.23.33.1` `kernel-macros >= 6.4.0-150600.23.33.1` `kernel-obs-build >= 6.4.0-150600.23.33.1` `kernel-source >= 6.4.0-150600.23.33.1` `kernel-syms >= 6.4.0-150600.23.33.1` `kernel-zfcpdump >= 6.4.0-150600.23.33.1`	Patchnames: SUSE-SLE-Module-Basesystem-15-SP6-2025-154 SUSE-SLE-Module-Development-Tools-15-SP6-2025-154 SUSE-SLE-Product-WE-15-SP6-2025-154
SUSE Linux Enterprise High Availability Extension 15 SP6	`cluster-md-kmp-default >= 6.4.0-150600.23.33.1` `dlm-kmp-default >= 6.4.0-150600.23.33.1` `gfs2-kmp-default >= 6.4.0-150600.23.33.1` `ocfs2-kmp-default >= 6.4.0-150600.23.33.1`	Patchnames: SUSE-SLE-Product-HA-15-SP6-2025-154
SUSE Linux Enterprise High Performance Computing 15 SP6	`kernel-64kb >= 6.4.0-150600.23.33.1` `kernel-64kb-devel >= 6.4.0-150600.23.33.1` `kernel-azure >= 6.4.0-150600.8.23.1` `kernel-azure-devel >= 6.4.0-150600.8.23.1` `kernel-default >= 6.4.0-150600.23.33.1` `kernel-default-base >= 6.4.0-150600.23.33.1.150600.12.14.1` `kernel-default-devel >= 6.4.0-150600.23.33.1` `kernel-devel >= 6.4.0-150600.23.33.1` `kernel-devel-azure >= 6.4.0-150600.8.23.1` `kernel-docs >= 6.4.0-150600.23.33.1` `kernel-macros >= 6.4.0-150600.23.33.1` `kernel-obs-build >= 6.4.0-150600.23.33.1` `kernel-source >= 6.4.0-150600.23.33.1` `kernel-source-azure >= 6.4.0-150600.8.23.1` `kernel-syms >= 6.4.0-150600.23.33.1` `kernel-syms-azure >= 6.4.0-150600.8.23.1` `kernel-zfcpdump >= 6.4.0-150600.23.33.1` `reiserfs-kmp-default >= 6.4.0-150600.23.33.1`	Patchnames: SUSE-SLE-Module-Basesystem-15-SP6-2025-154 SUSE-SLE-Module-Development-Tools-15-SP6-2025-154 SUSE-SLE-Module-Legacy-15-SP6-2025-154 SUSE-SLE-Module-Public-Cloud-15-SP6-2025-117
SUSE Linux Enterprise Live Patching 15 SP6		Patchnames: SUSE-SLE-Module-Live-Patching-15-SP6-2025-153 SUSE-SLE-Module-Live-Patching-15-SP6-2025-154
SUSE Linux Enterprise Module for Basesystem 15 SP6	`kernel-64kb >= 6.4.0-150600.23.33.1` `kernel-64kb-devel >= 6.4.0-150600.23.33.1` `kernel-default >= 6.4.0-150600.23.33.1` `kernel-default-base >= 6.4.0-150600.23.33.1.150600.12.14.1` `kernel-default-devel >= 6.4.0-150600.23.33.1` `kernel-devel >= 6.4.0-150600.23.33.1` `kernel-macros >= 6.4.0-150600.23.33.1` `kernel-zfcpdump >= 6.4.0-150600.23.33.1`	Patchnames: SUSE-SLE-Module-Basesystem-15-SP6-2025-154
SUSE Linux Enterprise Module for Development Tools 15 SP6	`kernel-docs >= 6.4.0-150600.23.33.1` `kernel-obs-build >= 6.4.0-150600.23.33.1` `kernel-source >= 6.4.0-150600.23.33.1` `kernel-syms >= 6.4.0-150600.23.33.1`	Patchnames: SUSE-SLE-Module-Development-Tools-15-SP6-2025-154
SUSE Linux Enterprise Module for Legacy 15 SP6	`reiserfs-kmp-default >= 6.4.0-150600.23.33.1`	Patchnames: SUSE-SLE-Module-Legacy-15-SP6-2025-154
SUSE Linux Enterprise Module for Public Cloud 15 SP6	`kernel-azure >= 6.4.0-150600.8.23.1` `kernel-azure-devel >= 6.4.0-150600.8.23.1` `kernel-devel-azure >= 6.4.0-150600.8.23.1` `kernel-source-azure >= 6.4.0-150600.8.23.1` `kernel-syms-azure >= 6.4.0-150600.8.23.1`	Patchnames: SUSE-SLE-Module-Public-Cloud-15-SP6-2025-117
SUSE Linux Enterprise Real Time 15 SP6 SUSE Real Time Module 15 SP6	`cluster-md-kmp-rt >= 6.4.0-150600.10.23.1` `dlm-kmp-rt >= 6.4.0-150600.10.23.1` `gfs2-kmp-rt >= 6.4.0-150600.10.23.1` `kernel-devel-rt >= 6.4.0-150600.10.23.1` `kernel-rt >= 6.4.0-150600.10.23.1` `kernel-rt-devel >= 6.4.0-150600.10.23.1` `kernel-rt_debug >= 6.4.0-150600.10.23.1` `kernel-rt_debug-devel >= 6.4.0-150600.10.23.1` `kernel-source-rt >= 6.4.0-150600.10.23.1` `kernel-syms-rt >= 6.4.0-150600.10.23.1` `ocfs2-kmp-rt >= 6.4.0-150600.10.23.1`	Patchnames: SUSE-SLE-Module-RT-15-SP6-2025-153
SUSE Linux Enterprise Server 15 SP6 SUSE Linux Enterprise Server for SAP Applications 15 SP6	`kernel-64kb >= 6.4.0-150600.23.33.1` `kernel-64kb-devel >= 6.4.0-150600.23.33.1` `kernel-azure >= 6.4.0-150600.8.23.1` `kernel-azure-devel >= 6.4.0-150600.8.23.1` `kernel-default >= 6.4.0-150600.23.33.1` `kernel-default-base >= 6.4.0-150600.23.33.1.150600.12.14.1` `kernel-default-devel >= 6.4.0-150600.23.33.1` `kernel-default-extra >= 6.4.0-150600.23.33.1` `kernel-devel >= 6.4.0-150600.23.33.1` `kernel-devel-azure >= 6.4.0-150600.8.23.1` `kernel-docs >= 6.4.0-150600.23.33.1` `kernel-macros >= 6.4.0-150600.23.33.1` `kernel-obs-build >= 6.4.0-150600.23.33.1` `kernel-source >= 6.4.0-150600.23.33.1` `kernel-source-azure >= 6.4.0-150600.8.23.1` `kernel-syms >= 6.4.0-150600.23.33.1` `kernel-syms-azure >= 6.4.0-150600.8.23.1` `kernel-zfcpdump >= 6.4.0-150600.23.33.1` `reiserfs-kmp-default >= 6.4.0-150600.23.33.1`	Patchnames: SUSE-SLE-Module-Basesystem-15-SP6-2025-154 SUSE-SLE-Module-Development-Tools-15-SP6-2025-154 SUSE-SLE-Module-Legacy-15-SP6-2025-154 SUSE-SLE-Module-Public-Cloud-15-SP6-2025-117 SUSE-SLE-Product-WE-15-SP6-2025-154
SUSE Linux Enterprise Workstation Extension 15 SP6	`kernel-default-extra >= 6.4.0-150600.23.33.1`	Patchnames: SUSE-SLE-Product-WE-15-SP6-2025-154
openSUSE Leap 15.6	`cluster-md-kmp-64kb >= 6.4.0-150600.23.33.1` `cluster-md-kmp-azure >= 6.4.0-150600.8.23.1` `cluster-md-kmp-default >= 6.4.0-150600.23.33.1` `cluster-md-kmp-rt >= 6.4.0-150600.10.23.1` `dlm-kmp-64kb >= 6.4.0-150600.23.33.1` `dlm-kmp-azure >= 6.4.0-150600.8.23.1` `dlm-kmp-default >= 6.4.0-150600.23.33.1` `dlm-kmp-rt >= 6.4.0-150600.10.23.1` `dtb-allwinner >= 6.4.0-150600.23.33.1` `dtb-altera >= 6.4.0-150600.23.33.1` `dtb-amazon >= 6.4.0-150600.23.33.1` `dtb-amd >= 6.4.0-150600.23.33.1` `dtb-amlogic >= 6.4.0-150600.23.33.1` `dtb-apm >= 6.4.0-150600.23.33.1` `dtb-apple >= 6.4.0-150600.23.33.1` `dtb-arm >= 6.4.0-150600.23.33.1` `dtb-broadcom >= 6.4.0-150600.23.33.1` `dtb-cavium >= 6.4.0-150600.23.33.1` `dtb-exynos >= 6.4.0-150600.23.33.1` `dtb-freescale >= 6.4.0-150600.23.33.1` `dtb-hisilicon >= 6.4.0-150600.23.33.1` `dtb-lg >= 6.4.0-150600.23.33.1` `dtb-marvell >= 6.4.0-150600.23.33.1` `dtb-mediatek >= 6.4.0-150600.23.33.1` `dtb-nvidia >= 6.4.0-150600.23.33.1` `dtb-qcom >= 6.4.0-150600.23.33.1` `dtb-renesas >= 6.4.0-150600.23.33.1` `dtb-rockchip >= 6.4.0-150600.23.33.1` `dtb-socionext >= 6.4.0-150600.23.33.1` `dtb-sprd >= 6.4.0-150600.23.33.1` `dtb-xilinx >= 6.4.0-150600.23.33.1` `gfs2-kmp-64kb >= 6.4.0-150600.23.33.1` `gfs2-kmp-azure >= 6.4.0-150600.8.23.1` `gfs2-kmp-default >= 6.4.0-150600.23.33.1` `gfs2-kmp-rt >= 6.4.0-150600.10.23.1` `kernel-64kb >= 6.4.0-150600.23.33.1` `kernel-64kb-devel >= 6.4.0-150600.23.33.1` `kernel-64kb-extra >= 6.4.0-150600.23.33.1` `kernel-64kb-optional >= 6.4.0-150600.23.33.1` `kernel-azure >= 6.4.0-150600.8.23.1` `kernel-azure-devel >= 6.4.0-150600.8.23.1` `kernel-azure-extra >= 6.4.0-150600.8.23.1` `kernel-azure-optional >= 6.4.0-150600.8.23.1` `kernel-azure-vdso >= 6.4.0-150600.8.23.1` `kernel-debug >= 6.4.0-150600.23.33.1` `kernel-debug-devel >= 6.4.0-150600.23.33.1` `kernel-debug-vdso >= 6.4.0-150600.23.33.1` `kernel-default >= 6.4.0-150600.23.33.1` `kernel-default-base >= 6.4.0-150600.23.33.1.150600.12.14.1` `kernel-default-base-rebuild >= 6.4.0-150600.23.33.1.150600.12.14.1` `kernel-default-devel >= 6.4.0-150600.23.33.1` `kernel-default-extra >= 6.4.0-150600.23.33.1` `kernel-default-livepatch >= 6.4.0-150600.23.33.1` `kernel-default-livepatch-devel >= 6.4.0-150600.23.33.1` `kernel-default-optional >= 6.4.0-150600.23.33.1` `kernel-default-vdso >= 6.4.0-150600.23.33.1` `kernel-devel >= 6.4.0-150600.23.33.1` `kernel-devel-azure >= 6.4.0-150600.8.23.1` `kernel-devel-rt >= 6.4.0-150600.10.23.1` `kernel-docs >= 6.4.0-150600.23.33.1` `kernel-docs-html >= 6.4.0-150600.23.33.1` `kernel-kvmsmall >= 6.4.0-150600.23.33.1` `kernel-kvmsmall-devel >= 6.4.0-150600.23.33.1` `kernel-kvmsmall-vdso >= 6.4.0-150600.23.33.1` `kernel-macros >= 6.4.0-150600.23.33.1` `kernel-obs-build >= 6.4.0-150600.23.33.1` `kernel-obs-qa >= 6.4.0-150600.23.33.1` `kernel-rt >= 6.4.0-150600.10.23.1` `kernel-rt-devel >= 6.4.0-150600.10.23.1` `kernel-rt-extra >= 6.4.0-150600.10.23.1` `kernel-rt-livepatch-devel >= 6.4.0-150600.10.23.1` `kernel-rt-optional >= 6.4.0-150600.10.23.1` `kernel-rt-vdso >= 6.4.0-150600.10.23.1` `kernel-rt_debug >= 6.4.0-150600.10.23.1` `kernel-rt_debug-devel >= 6.4.0-150600.10.23.1` `kernel-rt_debug-vdso >= 6.4.0-150600.10.23.1` `kernel-source >= 6.4.0-150600.23.33.1` `kernel-source-azure >= 6.4.0-150600.8.23.1` `kernel-source-rt >= 6.4.0-150600.10.23.1` `kernel-source-vanilla >= 6.4.0-150600.23.33.1` `kernel-syms >= 6.4.0-150600.23.33.1` `kernel-syms-azure >= 6.4.0-150600.8.23.1` `kernel-syms-rt >= 6.4.0-150600.10.23.1` `kernel-zfcpdump >= 6.4.0-150600.23.33.1` `kselftests-kmp-64kb >= 6.4.0-150600.23.33.1` `kselftests-kmp-azure >= 6.4.0-150600.8.23.1` `kselftests-kmp-default >= 6.4.0-150600.23.33.1` `kselftests-kmp-rt >= 6.4.0-150600.10.23.1` `ocfs2-kmp-64kb >= 6.4.0-150600.23.33.1` `ocfs2-kmp-azure >= 6.4.0-150600.8.23.1` `ocfs2-kmp-default >= 6.4.0-150600.23.33.1` `ocfs2-kmp-rt >= 6.4.0-150600.10.23.1` `reiserfs-kmp-64kb >= 6.4.0-150600.23.33.1` `reiserfs-kmp-azure >= 6.4.0-150600.8.23.1` `reiserfs-kmp-default >= 6.4.0-150600.23.33.1` `reiserfs-kmp-rt >= 6.4.0-150600.10.23.1`	Patchnames: openSUSE-SLE-15.6-2025-117 openSUSE-SLE-15.6-2025-153 openSUSE-SLE-15.6-2025-154

Status of this issue by product and package

Please note that this evaluation state might be work in progress, incomplete or outdated. Also information for service packs in the LTSS phase is only included for issues meeting the LTSS criteria. If in doubt, feel free to contact us for clarification. The updates are grouped by state of their lifecycle. SUSE product lifecycles are documented on the lifecycle page.

Product(s)	Source package	State
Products under general support and receiving all security fixes.
SLES15-SP6-CHOST-BYOS	kernel-default	In progress
SLES15-SP6-CHOST-BYOS-Aliyun	kernel-default	In progress
SLES15-SP6-CHOST-BYOS-Azure	kernel-default	In progress
SLES15-SP6-CHOST-BYOS-EC2	kernel-default	In progress
SLES15-SP6-CHOST-BYOS-GCE	kernel-default	In progress
SLES15-SP6-CHOST-BYOS-GDC	kernel-default	In progress
SLES15-SP6-CHOST-BYOS-SAP-CCloud	kernel-default	In progress
SUSE Linux Enterprise Desktop 15 SP6	kernel-64kb	Released
SUSE Linux Enterprise Desktop 15 SP6	kernel-default	Released
SUSE Linux Enterprise Desktop 15 SP6	kernel-default-base	Released
SUSE Linux Enterprise Desktop 15 SP6	kernel-docs	Released
SUSE Linux Enterprise Desktop 15 SP6	kernel-obs-build	Released
SUSE Linux Enterprise Desktop 15 SP6	kernel-source	Released
SUSE Linux Enterprise Desktop 15 SP6	kernel-syms	Released
SUSE Linux Enterprise Desktop 15 SP6	kernel-zfcpdump	Released
SUSE Linux Enterprise High Availability Extension 15 SP6	kernel-default	Released
SUSE Linux Enterprise High Performance Computing 15 SP6	kernel-64kb	Released
SUSE Linux Enterprise High Performance Computing 15 SP6	kernel-azure	Released
SUSE Linux Enterprise High Performance Computing 15 SP6	kernel-default	Released
SUSE Linux Enterprise High Performance Computing 15 SP6	kernel-default-base	Released
SUSE Linux Enterprise High Performance Computing 15 SP6	kernel-docs	Released
SUSE Linux Enterprise High Performance Computing 15 SP6	kernel-obs-build	Released
SUSE Linux Enterprise High Performance Computing 15 SP6	kernel-source	Released
SUSE Linux Enterprise High Performance Computing 15 SP6	kernel-source-azure	Released
SUSE Linux Enterprise High Performance Computing 15 SP6	kernel-syms	Released
SUSE Linux Enterprise High Performance Computing 15 SP6	kernel-syms-azure	Released
SUSE Linux Enterprise High Performance Computing 15 SP6	kernel-zfcpdump	Released
SUSE Linux Enterprise Live Patching 15 SP6	kernel-default	Released
SUSE Linux Enterprise Live Patching 15 SP6	kernel-livepatch-SLE15-SP6-RT_Update_7	Released
SUSE Linux Enterprise Live Patching 15 SP6	kernel-livepatch-SLE15-SP6_Update_7	Released
SUSE Linux Enterprise Live Patching 15 SP6	kernel-source	Already fixed
SUSE Linux Enterprise Micro 5.1	kernel-default	Affected
SUSE Linux Enterprise Micro 5.1	kernel-rt	Affected
SUSE Linux Enterprise Micro 5.1	kernel-source	Affected
SUSE Linux Enterprise Micro 5.1	kernel-source-rt	Affected
SUSE Linux Enterprise Micro 5.2	kernel-default	Affected
SUSE Linux Enterprise Micro 5.2	kernel-rt	Affected
SUSE Linux Enterprise Micro 5.2	kernel-source	Affected
SUSE Linux Enterprise Micro 5.2	kernel-source-rt	Affected
SUSE Linux Enterprise Micro 5.3	kernel-default	Affected
SUSE Linux Enterprise Micro 5.3	kernel-rt	Affected
SUSE Linux Enterprise Micro 5.3	kernel-source	Affected
SUSE Linux Enterprise Micro 5.3	kernel-source-rt	Affected
SUSE Linux Enterprise Micro 5.4	kernel-default	Affected
SUSE Linux Enterprise Micro 5.4	kernel-rt	Affected
SUSE Linux Enterprise Micro 5.4	kernel-source	Affected
SUSE Linux Enterprise Micro 5.4	kernel-source-rt	Affected
SUSE Linux Enterprise Micro 5.5	kernel-default	Affected
SUSE Linux Enterprise Micro 5.5	kernel-source	Affected
SUSE Linux Enterprise Micro 5.5	kernel-source-rt	Affected
SUSE Linux Enterprise Module for Basesystem 15 SP6	kernel-64kb	Released
SUSE Linux Enterprise Module for Basesystem 15 SP6	kernel-default	Released
SUSE Linux Enterprise Module for Basesystem 15 SP6	kernel-default-base	Released
SUSE Linux Enterprise Module for Basesystem 15 SP6	kernel-source	Released
SUSE Linux Enterprise Module for Basesystem 15 SP6	kernel-zfcpdump	Released
SUSE Linux Enterprise Module for Development Tools 15 SP6	kernel-default	Released
SUSE Linux Enterprise Module for Development Tools 15 SP6	kernel-docs	Released
SUSE Linux Enterprise Module for Development Tools 15 SP6	kernel-obs-build	Released
SUSE Linux Enterprise Module for Development Tools 15 SP6	kernel-source	Released
SUSE Linux Enterprise Module for Development Tools 15 SP6	kernel-syms	Released
SUSE Linux Enterprise Module for Legacy 15 SP6	kernel-default	Released
SUSE Linux Enterprise Module for Public Cloud 15 SP6	kernel-azure	Released
SUSE Linux Enterprise Module for Public Cloud 15 SP6	kernel-source-azure	Released
SUSE Linux Enterprise Module for Public Cloud 15 SP6	kernel-syms-azure	Released
SUSE Linux Enterprise Real Time 15 SP6	kernel-rt	Released
SUSE Linux Enterprise Real Time 15 SP6	kernel-rt_debug	Released
SUSE Linux Enterprise Real Time 15 SP6	kernel-source-rt	Released
SUSE Linux Enterprise Real Time 15 SP6	kernel-syms-rt	Released
SUSE Linux Enterprise Server 15 SP6	kernel-64kb	Released
SUSE Linux Enterprise Server 15 SP6	kernel-azure	Released
SUSE Linux Enterprise Server 15 SP6	kernel-default	Released
SUSE Linux Enterprise Server 15 SP6	kernel-default-base	Released
SUSE Linux Enterprise Server 15 SP6	kernel-docs	Released
SUSE Linux Enterprise Server 15 SP6	kernel-obs-build	Released
SUSE Linux Enterprise Server 15 SP6	kernel-source	Released
SUSE Linux Enterprise Server 15 SP6	kernel-source-azure	Released
SUSE Linux Enterprise Server 15 SP6	kernel-syms	Released
SUSE Linux Enterprise Server 15 SP6	kernel-syms-azure	Released
SUSE Linux Enterprise Server 15 SP6	kernel-zfcpdump	Released
SUSE Linux Enterprise Server for SAP Applications 15 SP6	kernel-64kb	Released
SUSE Linux Enterprise Server for SAP Applications 15 SP6	kernel-azure	Released
SUSE Linux Enterprise Server for SAP Applications 15 SP6	kernel-default	Released
SUSE Linux Enterprise Server for SAP Applications 15 SP6	kernel-default-base	Released
SUSE Linux Enterprise Server for SAP Applications 15 SP6	kernel-docs	Released
SUSE Linux Enterprise Server for SAP Applications 15 SP6	kernel-obs-build	Released
SUSE Linux Enterprise Server for SAP Applications 15 SP6	kernel-source	Released
SUSE Linux Enterprise Server for SAP Applications 15 SP6	kernel-source-azure	Released
SUSE Linux Enterprise Server for SAP Applications 15 SP6	kernel-syms	Released
SUSE Linux Enterprise Server for SAP Applications 15 SP6	kernel-syms-azure	Released
SUSE Linux Enterprise Server for SAP Applications 15 SP6	kernel-zfcpdump	Released
SUSE Linux Enterprise Workstation Extension 15 SP6	kernel-default	Released
SUSE Linux Micro 6.0	kernel-default	Already fixed
SUSE Linux Micro 6.0	kernel-source	Already fixed
SUSE Linux Micro 6.0	kernel-source-rt	Already fixed
SUSE Linux Micro 6.1	kernel-default	Already fixed
SUSE Linux Micro 6.1	kernel-source	Already fixed
SUSE Linux Micro 6.1	kernel-source-rt	Already fixed
SUSE Manager Proxy 4.3	kernel-default	Affected
SUSE Manager Proxy 4.3	kernel-source	Affected
SUSE Manager Retail Branch Server 4.3	kernel-default	Affected
SUSE Manager Retail Branch Server 4.3	kernel-source	Affected
SUSE Manager Server 4.3	kernel-default	Affected
SUSE Manager Server 4.3	kernel-source	Affected
SUSE Real Time Module 15 SP6	kernel-rt	Released
SUSE Real Time Module 15 SP6	kernel-rt_debug	Released
SUSE Real Time Module 15 SP6	kernel-source-rt	Released
SUSE Real Time Module 15 SP6	kernel-syms-rt	Released
openSUSE Leap 15.6	dtb-aarch64	Released
openSUSE Leap 15.6	dtb-armv7l	Released
openSUSE Leap 15.6	kernel-64kb	Released
openSUSE Leap 15.6	kernel-azure	Released
openSUSE Leap 15.6	kernel-debug	Released
openSUSE Leap 15.6	kernel-default	Released
openSUSE Leap 15.6	kernel-docs	Released
openSUSE Leap 15.6	kernel-kvmsmall	Released
openSUSE Leap 15.6	kernel-lpae	Released
openSUSE Leap 15.6	kernel-obs-build	Released
openSUSE Leap 15.6	kernel-obs-qa	Released
openSUSE Leap 15.6	kernel-rt	Released
openSUSE Leap 15.6	kernel-rt_debug	Released
openSUSE Leap 15.6	kernel-source	Released
openSUSE Leap 15.6	kernel-source-azure	Released
openSUSE Leap 15.6	kernel-source-rt	Released
openSUSE Leap 15.6	kernel-syms	Released
openSUSE Leap 15.6	kernel-syms-azure	Released
openSUSE Leap 15.6	kernel-syms-rt	Released
openSUSE Leap 15.6	kernel-zfcpdump	Released
Products under Long Term Service Pack support and receiving important and critical security fixes.
SUSE Linux Enterprise High Availability Extension 12 SP5	kernel-default	Not affected
SUSE Linux Enterprise High Availability Extension 12 SP5	kernel-source	Not affected
SUSE Linux Enterprise High Performance Computing 15 SP3	kernel-source	Affected
SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS	kernel-source	Affected
SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS	kernel-default	Affected
SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS	kernel-source	Affected
SUSE Linux Enterprise High Performance Computing 15 SP4	kernel-source	Affected
SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS	kernel-default	Affected
SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS	kernel-source	Affected
SUSE Linux Enterprise High Performance Computing 15 SP5	kernel-default	Affected
SUSE Linux Enterprise High Performance Computing 15 SP5	kernel-source	Affected
SUSE Linux Enterprise High Performance Computing 15 SP5	kernel-source-azure	Affected
SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS	kernel-default	Affected
SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS	kernel-source	Affected
SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS	kernel-default	Affected
SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS	kernel-source	Affected
SUSE Linux Enterprise Live Patching 12 SP5	kernel-default	Not affected
SUSE Linux Enterprise Live Patching 12 SP5	kernel-source	Not affected
SUSE Linux Enterprise Live Patching 15 SP3	kernel-default	Affected
SUSE Linux Enterprise Live Patching 15 SP3	kernel-source	Affected
SUSE Linux Enterprise Live Patching 15 SP4	kernel-default	Affected
SUSE Linux Enterprise Live Patching 15 SP4	kernel-source	Affected
SUSE Linux Enterprise Live Patching 15 SP5	kernel-default	Affected
SUSE Linux Enterprise Live Patching 15 SP5	kernel-source	Affected
SUSE Linux Enterprise Module for Basesystem 15 SP3	kernel-source	Affected
SUSE Linux Enterprise Module for Basesystem 15 SP4	kernel-source	Affected
SUSE Linux Enterprise Module for Basesystem 15 SP5	kernel-default	Affected
SUSE Linux Enterprise Module for Basesystem 15 SP5	kernel-source	Affected
SUSE Linux Enterprise Module for Development Tools 15 SP3	kernel-source	Affected
SUSE Linux Enterprise Module for Development Tools 15 SP4	kernel-source	Affected
SUSE Linux Enterprise Module for Development Tools 15 SP5	kernel-default	Affected
SUSE Linux Enterprise Module for Development Tools 15 SP5	kernel-source	Affected
SUSE Linux Enterprise Module for Legacy 15 SP5	kernel-default	Affected
SUSE Linux Enterprise Module for Legacy 15 SP5	kernel-source	Affected
SUSE Linux Enterprise Module for Public Cloud 15 SP5	kernel-source-azure	Affected
SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE	kernel-default	Not affected
SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE	kernel-source	Not affected
SUSE Linux Enterprise Server 12 SP5	kernel-source	Not affected
SUSE Linux Enterprise Server 12 SP5	kernel-source-azure	Not affected
SUSE Linux Enterprise Server 12 SP5-LTSS	kernel-default	Not affected
SUSE Linux Enterprise Server 12 SP5-LTSS	kernel-source	Not affected
SUSE Linux Enterprise Server 12 SP5-LTSS	kernel-source-azure	Not affected
SUSE Linux Enterprise Server 15 SP3	kernel-source	Affected
SUSE Linux Enterprise Server 15 SP3-LTSS	kernel-default	Affected
SUSE Linux Enterprise Server 15 SP3-LTSS	kernel-source	Affected
SUSE Linux Enterprise Server 15 SP4	kernel-source	Affected
SUSE Linux Enterprise Server 15 SP4-LTSS	kernel-default	Affected
SUSE Linux Enterprise Server 15 SP4-LTSS	kernel-source	Affected
SUSE Linux Enterprise Server 15 SP5	kernel-default	Affected
SUSE Linux Enterprise Server 15 SP5	kernel-source	Affected
SUSE Linux Enterprise Server 15 SP5	kernel-source-azure	Affected
SUSE Linux Enterprise Server 15 SP5-LTSS	kernel-default	Affected
SUSE Linux Enterprise Server 15 SP5-LTSS	kernel-source	Affected
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5	kernel-source	Not affected
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5	kernel-source-azure	Not affected
SUSE Linux Enterprise Server for SAP Applications 12 SP5	kernel-default	Not affected
SUSE Linux Enterprise Server for SAP Applications 12 SP5	kernel-source	Not affected
SUSE Linux Enterprise Server for SAP Applications 15 SP3	kernel-default	Affected
SUSE Linux Enterprise Server for SAP Applications 15 SP3	kernel-source	Affected
SUSE Linux Enterprise Server for SAP Applications 15 SP4	kernel-default	Affected
SUSE Linux Enterprise Server for SAP Applications 15 SP4	kernel-source	Affected
SUSE Linux Enterprise Server for SAP Applications 15 SP5	kernel-default	Affected
SUSE Linux Enterprise Server for SAP Applications 15 SP5	kernel-source	Affected
SUSE Linux Enterprise Server for SAP Applications 15 SP5	kernel-source-azure	Affected
Products past their end of life and not receiving proactive updates anymore.
HPE Helion OpenStack 8	kernel-source	Not affected
SUSE CaaS Platform 4.0	kernel-source	Not affected
SUSE CaaS Platform Toolchain 3	kernel-source	Not affected
SUSE Enterprise Storage 6	kernel-source	Not affected
SUSE Enterprise Storage 7	kernel-source	Affected
SUSE Enterprise Storage 7.1	kernel-source	Affected
SUSE Linux Enterprise Desktop 11 SP4	kernel-source	Not affected
SUSE Linux Enterprise Desktop 12 SP2	kernel-source	Not affected
SUSE Linux Enterprise Desktop 12 SP3	kernel-source	Not affected
SUSE Linux Enterprise Desktop 12 SP4	kernel-source	Not affected
SUSE Linux Enterprise Desktop 15	kernel-source	Not affected
SUSE Linux Enterprise Desktop 15 SP1	kernel-source	Not affected
SUSE Linux Enterprise Desktop 15 SP2	kernel-source	Affected
SUSE Linux Enterprise Desktop 15 SP3	kernel-source	Affected
SUSE Linux Enterprise Desktop 15 SP4	kernel-source	Affected
SUSE Linux Enterprise Desktop 15 SP5	kernel-default	Affected
SUSE Linux Enterprise Desktop 15 SP5	kernel-source	Affected
SUSE Linux Enterprise High Availability Extension 15 SP2	kernel-default	Affected
SUSE Linux Enterprise High Availability Extension 15 SP2	kernel-source	Affected
SUSE Linux Enterprise High Performance Computing 15	kernel-source	Not affected
SUSE Linux Enterprise High Performance Computing 15 SP1	kernel-source	Not affected
SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS	kernel-source	Not affected
SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS	kernel-source	Not affected
SUSE Linux Enterprise High Performance Computing 15 SP2	kernel-source	Affected
SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS	kernel-source	Affected
SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS	kernel-default	Affected
SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS	kernel-source	Affected
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS	kernel-default	Affected
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS	kernel-source	Affected
SUSE Linux Enterprise High Performance Computing 15-ESPOS	kernel-source	Not affected
SUSE Linux Enterprise High Performance Computing 15-LTSS	kernel-source	Not affected
SUSE Linux Enterprise Live Patching 15 SP2	kernel-default	Affected
SUSE Linux Enterprise Live Patching 15 SP2	kernel-source	Affected
SUSE Linux Enterprise Micro 5.0	kernel-default	Not affected
SUSE Linux Enterprise Module for Basesystem 15	kernel-source	Not affected
SUSE Linux Enterprise Module for Basesystem 15 SP1	kernel-source	Not affected
SUSE Linux Enterprise Module for Basesystem 15 SP2	kernel-source	Affected
SUSE Linux Enterprise Module for Development Tools 15	kernel-source	Not affected
SUSE Linux Enterprise Module for Development Tools 15 SP1	kernel-source	Not affected
SUSE Linux Enterprise Module for Development Tools 15 SP2	kernel-source	Affected
SUSE Linux Enterprise Point of Sale 12 SP2-CLIENT	kernel-source	Not affected
SUSE Linux Enterprise Real Time 15 SP2	kernel-source	Affected
SUSE Linux Enterprise Real Time 15 SP3	kernel-source	Affected
SUSE Linux Enterprise Real Time 15 SP3	kernel-source-rt	Affected
SUSE Linux Enterprise Real Time 15 SP4	kernel-source	Affected
SUSE Linux Enterprise Real Time 15 SP4	kernel-source-rt	Affected
SUSE Linux Enterprise Real Time 15 SP5	kernel-source-rt	Affected
SUSE Linux Enterprise Server 11 SP4	kernel-source	Not affected
SUSE Linux Enterprise Server 11 SP4 LTSS	kernel-default	Not affected
SUSE Linux Enterprise Server 11 SP4 LTSS	kernel-source	Not affected
SUSE Linux Enterprise Server 11 SP4-LTSS	kernel-source	Not affected
SUSE Linux Enterprise Server 12 SP2	kernel-source	Not affected
SUSE Linux Enterprise Server 12 SP2-BCL	kernel-source	Not affected
SUSE Linux Enterprise Server 12 SP2-ESPOS	kernel-source	Not affected
SUSE Linux Enterprise Server 12 SP2-LTSS	kernel-default	Not affected
SUSE Linux Enterprise Server 12 SP2-LTSS	kernel-source	Not affected
SUSE Linux Enterprise Server 12 SP3	kernel-source	Not affected
SUSE Linux Enterprise Server 12 SP3-BCL	kernel-source	Not affected
SUSE Linux Enterprise Server 12 SP3-ESPOS	kernel-source	Not affected
SUSE Linux Enterprise Server 12 SP3-LTSS	kernel-source	Not affected
SUSE Linux Enterprise Server 12 SP4	kernel-source	Not affected
SUSE Linux Enterprise Server 12 SP4-ESPOS	kernel-source	Not affected
SUSE Linux Enterprise Server 12 SP4-LTSS	kernel-default	Not affected
SUSE Linux Enterprise Server 12 SP4-LTSS	kernel-source	Not affected
SUSE Linux Enterprise Server 15	kernel-source	Not affected
SUSE Linux Enterprise Server 15 SP1	kernel-source	Not affected
SUSE Linux Enterprise Server 15 SP1-BCL	kernel-source	Not affected
SUSE Linux Enterprise Server 15 SP1-LTSS	kernel-default	Not affected
SUSE Linux Enterprise Server 15 SP1-LTSS	kernel-source	Not affected
SUSE Linux Enterprise Server 15 SP2	kernel-source	Affected
SUSE Linux Enterprise Server 15 SP2-BCL	kernel-source	Affected
SUSE Linux Enterprise Server 15 SP2-LTSS	kernel-default	Affected
SUSE Linux Enterprise Server 15 SP2-LTSS	kernel-source	Affected
SUSE Linux Enterprise Server 15 SP3-BCL	kernel-source	Affected
SUSE Linux Enterprise Server 15-LTSS	kernel-default	Not affected
SUSE Linux Enterprise Server 15-LTSS	kernel-source	Not affected
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2	kernel-source	Not affected
SUSE Linux Enterprise Server for SAP Applications 12 SP2	kernel-source	Not affected
SUSE Linux Enterprise Server for SAP Applications 12 SP3	kernel-source	Not affected
SUSE Linux Enterprise Server for SAP Applications 12 SP4	kernel-source	Not affected
SUSE Linux Enterprise Server for SAP Applications 15	kernel-source	Not affected
SUSE Linux Enterprise Server for SAP Applications 15 SP1	kernel-source	Not affected
SUSE Linux Enterprise Server for SAP Applications 15 SP2	kernel-default	Affected
SUSE Linux Enterprise Server for SAP Applications 15 SP2	kernel-source	Affected
SUSE Linux Enterprise Workstation Extension 15 SP5	kernel-default	Affected
SUSE Linux Enterprise Workstation Extension 15 SP5	kernel-source	Affected
SUSE Manager Proxy 4.0	kernel-source	Not affected
SUSE Manager Proxy 4.1	kernel-source	Affected
SUSE Manager Proxy 4.2	kernel-source	Affected
SUSE Manager Retail Branch Server 4.0	kernel-source	Not affected
SUSE Manager Retail Branch Server 4.1	kernel-source	Affected
SUSE Manager Retail Branch Server 4.2	kernel-source	Affected
SUSE Manager Server 4.0	kernel-source	Not affected
SUSE Manager Server 4.1	kernel-source	Affected
SUSE Manager Server 4.2	kernel-source	Affected
SUSE OpenStack Cloud 7	kernel-source	Not affected
SUSE OpenStack Cloud 8	kernel-source	Not affected
SUSE OpenStack Cloud 9	kernel-source	Not affected
SUSE OpenStack Cloud Crowbar 8	kernel-source	Not affected
SUSE OpenStack Cloud Crowbar 9	kernel-source	Not affected
SUSE Real Time Module 15 SP3	kernel-source-rt	Affected
SUSE Real Time Module 15 SP4	kernel-source-rt	Affected
SUSE Real Time Module 15 SP5	kernel-source-rt	Affected
openSUSE Leap 15.3	kernel-source	Affected
openSUSE Leap 15.3	kernel-source-rt	Affected
openSUSE Leap 15.4	kernel-source	Affected
openSUSE Leap 15.4	kernel-source-azure	Unsupported
openSUSE Leap 15.4	kernel-source-rt	Affected
openSUSE Leap 15.5	kernel-default	Affected
openSUSE Leap 15.5	kernel-source	Affected
openSUSE Leap 15.5	kernel-source-azure	Affected
openSUSE Leap 15.5	kernel-source-rt	Affected
Container Status
suse/hpc/warewulf4-x86_64/sle-hpc-node	kernel-default	Released
bci/bci-sle15-kernel-module-devel	kernel-syms	In progress

SUSE Timeline for this CVE

CVE page created: Fri Dec 27 16:00:50 2024
CVE page last modified: Fri Jan 17 21:59:46 2025