Upstream information
Description
In the Linux kernel, the following vulnerability has been resolved:net: qualcomm: rmnet: fix global oob in rmnet_policy
The variable rmnet_link_ops assign a *bigger* maxtype which leads to a
global out-of-bounds read when parsing the netlink attributes. See bug
trace below:
==================================================================
BUG: KASAN: global-out-of-bounds in validate_nla lib/nlattr.c:386 [inline]
BUG: KASAN: global-out-of-bounds in __nla_validate_parse+0x24af/0x2750 lib/nlattr.c:600
Read of size 1 at addr ffffffff92c438d0 by task syz-executor.6/84207
CPU: 0 PID: 84207 Comm: syz-executor.6 Tainted: G N 6.1.0 #3
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1.1 04/01/2014
Call Trace:
<TASK>
__dump_stack lib/dump_stack.c:88 [inline]
dump_stack_lvl+0x8b/0xb3 lib/dump_stack.c:106
print_address_description mm/kasan/report.c:284 [inline]
print_report+0x172/0x475 mm/kasan/report.c:395
kasan_report+0xbb/0x1c0 mm/kasan/report.c:495
validate_nla lib/nlattr.c:386 [inline]
__nla_validate_parse+0x24af/0x2750 lib/nlattr.c:600
__nla_parse+0x3e/0x50 lib/nlattr.c:697
nla_parse_nested_deprecated include/net/netlink.h:1248 [inline]
__rtnl_newlink+0x50a/0x1880 net/core/rtnetlink.c:3485
rtnl_newlink+0x64/0xa0 net/core/rtnetlink.c:3594
rtnetlink_rcv_msg+0x43c/0xd70 net/core/rtnetlink.c:6091
netlink_rcv_skb+0x14f/0x410 net/netlink/af_netlink.c:2540
netlink_unicast_kernel net/netlink/af_netlink.c:1319 [inline]
netlink_unicast+0x54e/0x800 net/netlink/af_netlink.c:1345
netlink_sendmsg+0x930/0xe50 net/netlink/af_netlink.c:1921
sock_sendmsg_nosec net/socket.c:714 [inline]
sock_sendmsg+0x154/0x190 net/socket.c:734
____sys_sendmsg+0x6df/0x840 net/socket.c:2482
___sys_sendmsg+0x110/0x1b0 net/socket.c:2536
__sys_sendmsg+0xf3/0x1c0 net/socket.c:2565
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x3b/0x90 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7fdcf2072359
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fdcf13e3168 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 00007fdcf219ff80 RCX: 00007fdcf2072359
RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000003
RBP: 00007fdcf20bd493 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007fffbb8d7bdf R14: 00007fdcf13e3300 R15: 0000000000022000
</TASK>
The buggy address belongs to the variable:
rmnet_policy+0x30/0xe0
The buggy address belongs to the physical page:
page:0000000065bdeb3c refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x155243
flags: 0x200000000001000(reserved|node=0|zone=2)
raw: 0200000000001000 ffffea00055490c8 ffffea00055490c8 0000000000000000
raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
page dumped because: kasan: bad access detected
Memory state around the buggy address:
ffffffff92c43780: f9 f9 f9 f9 00 00 00 02 f9 f9 f9 f9 00 00 00 07
ffffffff92c43800: f9 f9 f9 f9 00 00 00 05 f9 f9 f9 f9 06 f9 f9 f9
>ffffffff92c43880: f9 f9 f9 f9 00 00 00 00 00 00 f9 f9 f9 f9 f9 f9
^
ffffffff92c43900: 00 00 00 00 00 00 00 00 07 f9 f9 f9 f9 f9 f9 f9
ffffffff92c43980: 00 00 00 07 f9 f9 f9 f9 00 00 00 05 f9 f9 f9 f9
According to the comment of `nla_parse_nested_deprecated`, the maxtype
should be len(destination array) - 1. Hence use `IFLA_RMNET_MAX` here.
SUSE information
Overall state of this security issue: Resolved
This issue is currently rated as having low severity.
National Vulnerability Database | SUSE | |
---|---|---|
Base Score | 7.1 | 3.3 |
Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
Attack Vector | Local | Local |
Attack Complexity | Low | Low |
Privileges Required | Low | Low |
User Interaction | None | None |
Scope | Unchanged | Unchanged |
Confidentiality Impact | High | Low |
Integrity Impact | None | None |
Availability Impact | High | None |
CVSSv3 Version | 3.1 | 3.1 |
Note from the SUSE Security Team on the kernel-default package
SUSE will no longer fix all CVEs in the Linux Kernel anymore, but declare some bug classes as won't fix. Please refer to TID 21496 for more details. SUSE Bugzilla entry: 1220363 [RESOLVED / FIXED]SUSE Security Advisories:
- SUSE-SU-2024:2008-1, published Wed Jun 12 12:32:06 UTC 2024
- SUSE-SU-2024:2019-1, published Thu Jun 13 12:36:27 UTC 2024
- SUSE-SU-2024:2190-1, published Tue Jun 25 12:32:30 UTC 2024
List of released packages
Product(s) | Fixed package version(s) | References |
---|---|---|
Container bci/bci-sle15-kernel-module-devel:15.5.17.2 |
| |
Container suse/sle-micro/kvm-5.5:2.0.4-3.5.69 |
| |
Container suse/sle-micro/rt-5.5:2.0.4-4.5.76 |
| |
Image SLES15-SP5-Azure-Basic Image SLES15-SP5-Azure-Standard Image SLES15-SP5-HPC-Azure |
| |
Image SLES15-SP5-BYOS-Azure Image SLES15-SP5-BYOS-EC2 Image SLES15-SP5-BYOS-GCE Image SLES15-SP5-CHOST-BYOS-Aliyun Image SLES15-SP5-CHOST-BYOS-Azure Image SLES15-SP5-CHOST-BYOS-EC2 Image SLES15-SP5-CHOST-BYOS-GCE Image SLES15-SP5-CHOST-BYOS-GDC Image SLES15-SP5-CHOST-BYOS-SAP-CCloud Image SLES15-SP5-EC2 Image SLES15-SP5-GCE Image SLES15-SP5-HPC-BYOS-Azure Image SLES15-SP5-HPC-BYOS-EC2 Image SLES15-SP5-HPC-BYOS-GCE Image SLES15-SP5-Hardened-BYOS-Azure Image SLES15-SP5-Hardened-BYOS-GCE Image SLES15-SP5-Manager-Proxy-5-0-BYOS Image SLES15-SP5-Manager-Proxy-5-0-BYOS-Azure Image SLES15-SP5-Manager-Proxy-5-0-BYOS-EC2 Image SLES15-SP5-Manager-Proxy-5-0-BYOS-GCE Image SLES15-SP5-Manager-Server-5-0-BYOS Image SLES15-SP5-Manager-Server-5-0-BYOS-Azure Image SLES15-SP5-Manager-Server-5-0-BYOS-EC2 Image SLES15-SP5-Manager-Server-5-0-BYOS-GCE Image SLES15-SP5-Micro-5-5 Image SLES15-SP5-Micro-5-5-Azure Image SLES15-SP5-Micro-5-5-BYOS Image SLES15-SP5-Micro-5-5-BYOS-Azure Image SLES15-SP5-Micro-5-5-BYOS-EC2 Image SLES15-SP5-Micro-5-5-BYOS-GCE Image SLES15-SP5-Micro-5-5-EC2 Image SLES15-SP5-Micro-5-5-GCE Image SLES15-SP5-SAPCAL-Azure Image SLES15-SP5-SAPCAL-EC2 Image SLES15-SP5-SAPCAL-GCE |
| |
Image SLES15-SP5-SAP-Azure-LI-BYOS Image SLES15-SP5-SAP-Azure-LI-BYOS-Production Image SLES15-SP5-SAP-Azure-VLI-BYOS Image SLES15-SP5-SAP-Azure-VLI-BYOS-Production Image SLES15-SP5-SAP-BYOS-Azure Image SLES15-SP5-SAP-BYOS-EC2 Image SLES15-SP5-SAP-BYOS-GCE Image SLES15-SP5-SAP-Hardened-Azure Image SLES15-SP5-SAP-Hardened-BYOS-Azure Image SLES15-SP5-SAP-Hardened-BYOS-EC2 Image SLES15-SP5-SAP-Hardened-BYOS-GCE Image SLES15-SP5-SAP-Hardened-GCE |
| |
SUSE Linux Enterprise Desktop 15 SP5 |
| Patchnames: SUSE-SLE-Module-Basesystem-15-SP5-2024-2190 SUSE-SLE-Module-Development-Tools-15-SP5-2024-2190 SUSE-SLE-Product-WE-15-SP5-2024-2190 |
SUSE Linux Enterprise Desktop 15 SP6 |
| Patchnames: SUSE Linux Enterprise Module for Basesystem 15 SP6 GA kernel-64kb-6.4.0-150600.21.2 SUSE Linux Enterprise Module for Development Tools 15 SP6 GA kernel-docs-6.4.0-150600.21.1 |
SUSE Linux Enterprise High Availability Extension 15 SP5 |
| Patchnames: SUSE-SLE-Product-HA-15-SP5-2024-2190 |
SUSE Linux Enterprise High Performance Computing 15 SP5 |
| Patchnames: SUSE-SLE-Module-Basesystem-15-SP5-2024-2190 SUSE-SLE-Module-Development-Tools-15-SP5-2024-2190 SUSE-SLE-Module-Legacy-15-SP5-2024-2190 SUSE-SLE-Module-Public-Cloud-15-SP5-2024-2019 |
SUSE Linux Enterprise High Performance Computing 15 SP6 SUSE Linux Enterprise Server 15 SP6 SUSE Linux Enterprise Server for SAP Applications 15 SP6 |
| Patchnames: SUSE Linux Enterprise Module for Basesystem 15 SP6 GA kernel-64kb-6.4.0-150600.21.2 SUSE Linux Enterprise Module for Development Tools 15 SP6 GA kernel-docs-6.4.0-150600.21.1 SUSE Linux Enterprise Module for Legacy 15 SP6 GA reiserfs-kmp-default-6.4.0-150600.21.3 SUSE Linux Enterprise Module for Public Cloud 15 SP6 GA kernel-azure-6.4.0-150600.6.3 |
SUSE Linux Enterprise Live Patching 15 SP5 | Patchnames: SUSE-SLE-Module-Live-Patching-15-SP5-2024-2008 SUSE-SLE-Module-Live-Patching-15-SP5-2024-2190 | |
SUSE Linux Enterprise Micro 5.5 |
| Patchnames: SUSE-SLE-Micro-5.5-2024-2008 SUSE-SLE-Micro-5.5-2024-2190 |
SUSE Linux Enterprise Micro 6.0 |
| Patchnames: SUSE Linux Enterprise Micro 6.0 GA kernel-default-6.4.0-17.1 SUSE Linux Enterprise Micro 6.0 GA kernel-rt-6.4.0-8.1 |
SUSE Linux Enterprise Micro 6.1 |
| Patchnames: SUSE Linux Enterprise Micro 6.1 GA kernel-default-6.4.0-19.1 |
SUSE Linux Enterprise Module for Basesystem 15 SP5 |
| Patchnames: SUSE-SLE-Module-Basesystem-15-SP5-2024-2190 |
SUSE Linux Enterprise Module for Basesystem 15 SP6 |
| Patchnames: SUSE Linux Enterprise Module for Basesystem 15 SP6 GA kernel-64kb-6.4.0-150600.21.2 |
SUSE Linux Enterprise Module for Development Tools 15 SP5 |
| Patchnames: SUSE-SLE-Module-Development-Tools-15-SP5-2024-2190 |
SUSE Linux Enterprise Module for Development Tools 15 SP6 |
| Patchnames: SUSE Linux Enterprise Module for Development Tools 15 SP6 GA kernel-docs-6.4.0-150600.21.1 |
SUSE Linux Enterprise Module for Legacy 15 SP5 |
| Patchnames: SUSE-SLE-Module-Legacy-15-SP5-2024-2190 |
SUSE Linux Enterprise Module for Legacy 15 SP6 |
| Patchnames: SUSE Linux Enterprise Module for Legacy 15 SP6 GA reiserfs-kmp-default-6.4.0-150600.21.3 |
SUSE Linux Enterprise Module for Public Cloud 15 SP5 |
| Patchnames: SUSE-SLE-Module-Public-Cloud-15-SP5-2024-2019 |
SUSE Linux Enterprise Module for Public Cloud 15 SP6 |
| Patchnames: SUSE Linux Enterprise Module for Public Cloud 15 SP6 GA kernel-azure-6.4.0-150600.6.3 |
SUSE Linux Enterprise Real Time 15 SP5 SUSE Real Time Module 15 SP5 |
| Patchnames: SUSE-SLE-Module-RT-15-SP5-2024-2008 |
SUSE Linux Enterprise Server 15 SP5 SUSE Linux Enterprise Server for SAP Applications 15 SP5 |
| Patchnames: SUSE-SLE-Module-Basesystem-15-SP5-2024-2190 SUSE-SLE-Module-Development-Tools-15-SP5-2024-2190 SUSE-SLE-Module-Legacy-15-SP5-2024-2190 SUSE-SLE-Module-Public-Cloud-15-SP5-2024-2019 SUSE-SLE-Product-WE-15-SP5-2024-2190 |
SUSE Linux Enterprise Workstation Extension 15 SP5 |
| Patchnames: SUSE-SLE-Product-WE-15-SP5-2024-2190 |
openSUSE Leap 15.5 |
| Patchnames: openSUSE-SLE-15.5-2024-2008 openSUSE-SLE-15.5-2024-2019 openSUSE-SLE-15.5-2024-2190 |
openSUSE Leap Micro 5.5 |
| Patchnames: openSUSE-Leap-Micro-5.5-2024-2008 openSUSE-Leap-Micro-5.5-2024-2190 |
First public cloud image revisions this CVE is fixed in:
- alibaba/sles-15-sp5-chost-byos-v20240626
- amazon/suse-sle-hpc-15-sp5-byos-v20240808-hvm-ssd-x86_64
- amazon/suse-sle-micro-5-5-byos-v20240722-hvm-ssd-arm64
- amazon/suse-sle-micro-5-5-byos-v20240722-hvm-ssd-x86_64
- amazon/suse-sle-micro-5-5-v20240722-hvm-ssd-arm64-llc
- amazon/suse-sle-micro-5-5-v20240722-hvm-ssd-arm64-ltd
- amazon/suse-sle-micro-5-5-v20240722-hvm-ssd-x86_64-llc
- amazon/suse-sle-micro-5-5-v20240722-hvm-ssd-x86_64-ltd
- amazon/suse-sles-15-sp5-byos-v20240808-hvm-ssd-arm64
- amazon/suse-sles-15-sp5-byos-v20240808-hvm-ssd-x86_64
- amazon/suse-sles-15-sp5-chost-byos-v20240626-hvm-ssd-arm64
- amazon/suse-sles-15-sp5-chost-byos-v20240626-hvm-ssd-x86_64
- amazon/suse-sles-15-sp5-sapcal-v20240808-hvm-ssd-x86_64
- amazon/suse-sles-15-sp5-v20240808-ecs-hvm-ssd-x86_64
- amazon/suse-sles-15-sp5-v20240808-hvm-ssd-arm64
- amazon/suse-sles-15-sp5-v20240808-hvm-ssd-x86_64
- amazon/suse-sles-sap-15-sp5-byos-v20240808-hvm-ssd-x86_64
- amazon/suse-sles-sap-15-sp5-hardened-byos-v20240808-hvm-ssd-x86_64
- amazon/suse-sles-sap-15-sp5-v20240807-hvm-ssd-x86_64
- google/sle-hpc-15-sp5-byos-v20240808-x86-64
- google/sle-micro-5-5-byos-v20240722-arm64
- google/sle-micro-5-5-byos-v20240722-x86-64
- google/sles-15-sp5-byos-v20240628-arm64
- google/sles-15-sp5-byos-v20240628-x86-64
- google/sles-15-sp5-chost-byos-v20240626-arm64
- google/sles-15-sp5-chost-byos-v20240626-x86-64
- google/sles-15-sp5-hardened-byos-v20240808-x86-64
- google/sles-15-sp5-sap-byos-v20240808-x86-64
- google/sles-15-sp5-sap-v20240808-x86-64
- google/sles-15-sp5-sapcal-v20240808-x86-64
- google/sles-15-sp5-v20240628-arm64
- google/sles-15-sp5-v20240628-x86-64
- google/sles-sap-15-sp5-hardened-byos-v20240808-x86-64
- google/sles-sap-15-sp5-hardened-v20240808-x86-64
- microsoft/suse-sle-hpc-15-sp5-byos-v20240809-x86_64
- microsoft/suse-sle-hpc-15-sp5-v20240809-x86_64
- microsoft/suse-sle-micro-5-5-byos-v20241114-arm64
- microsoft/suse-sle-micro-5-5-v20240722-arm64-llc
- microsoft/suse-sle-micro-5-5-v20240722-arm64-ltd
- microsoft/suse-sle-micro-5-5-v20241114-x86_64-llc
- microsoft/suse-sle-micro-5-5-v20241114-x86_64-ltd
- microsoft/suse-sles-15-sp5-basic-v20240809-x86_64
- microsoft/suse-sles-15-sp5-byos-v20240809-arm64
- microsoft/suse-sles-15-sp5-byos-v20240809-x86_64
- microsoft/suse-sles-15-sp5-chost-byos-v20240626-arm64
- microsoft/suse-sles-15-sp5-chost-byos-v20240626-x86_64
- microsoft/suse-sles-15-sp5-hardened-byos-v20240809-x86_64
- microsoft/suse-sles-15-sp5-sapcal-v20240809-x86_64
- microsoft/suse-sles-15-sp5-v20240809-arm64
- microsoft/suse-sles-15-sp5-v20240809-x86_64
- microsoft/suse-sles-sap-15-sp5-byos-v20240809-x86_64
- microsoft/suse-sles-sap-15-sp5-v20240809-x86_64
Status of this issue by product and package
Please note that this evaluation state might be work in progress, incomplete or outdated. Also information for service packs in the LTSS phase is only included for issues meeting the LTSS criteria. If in doubt, feel free to contact us for clarification. The updates are grouped by state of their lifecycle. SUSE product lifecycles are documented on the lifecycle page.
Product(s) | Source package | State |
---|---|---|
Products under general support and receiving all security fixes. | ||
SLES15-SP5-CHOST-BYOS-Aliyun | kernel-default | Released |
SLES15-SP5-CHOST-BYOS-Azure | kernel-default | Released |
SLES15-SP5-CHOST-BYOS-EC2 | kernel-default | Released |
SLES15-SP5-CHOST-BYOS-GCE | kernel-default | Released |
SLES15-SP5-CHOST-BYOS-SAP-CCloud | kernel-default | Released |
SUSE Linux Enterprise Desktop 15 SP5 | kernel-64kb | Released |
SUSE Linux Enterprise Desktop 15 SP5 | kernel-default | Released |
SUSE Linux Enterprise Desktop 15 SP5 | kernel-default-base | Released |
SUSE Linux Enterprise Desktop 15 SP5 | kernel-docs | Released |
SUSE Linux Enterprise Desktop 15 SP5 | kernel-obs-build | Released |
SUSE Linux Enterprise Desktop 15 SP5 | kernel-source | Released |
SUSE Linux Enterprise Desktop 15 SP5 | kernel-syms | Released |
SUSE Linux Enterprise Desktop 15 SP5 | kernel-zfcpdump | Released |
SUSE Linux Enterprise Desktop 15 SP6 | kernel-default | Already fixed |
SUSE Linux Enterprise Desktop 15 SP6 | kernel-source | Already fixed |
SUSE Linux Enterprise High Availability Extension 15 SP5 | kernel-default | Released |
SUSE Linux Enterprise High Performance Computing 15 SP5 | kernel-64kb | Released |
SUSE Linux Enterprise High Performance Computing 15 SP5 | kernel-azure | Released |
SUSE Linux Enterprise High Performance Computing 15 SP5 | kernel-default | Released |
SUSE Linux Enterprise High Performance Computing 15 SP5 | kernel-default-base | Released |
SUSE Linux Enterprise High Performance Computing 15 SP5 | kernel-docs | Released |
SUSE Linux Enterprise High Performance Computing 15 SP5 | kernel-obs-build | Released |
SUSE Linux Enterprise High Performance Computing 15 SP5 | kernel-source | Released |
SUSE Linux Enterprise High Performance Computing 15 SP5 | kernel-source-azure | Released |
SUSE Linux Enterprise High Performance Computing 15 SP5 | kernel-syms | Released |
SUSE Linux Enterprise High Performance Computing 15 SP5 | kernel-syms-azure | Released |
SUSE Linux Enterprise High Performance Computing 15 SP5 | kernel-zfcpdump | Released |
SUSE Linux Enterprise High Performance Computing 15 SP6 | kernel-default | Already fixed |
SUSE Linux Enterprise High Performance Computing 15 SP6 | kernel-source | Already fixed |
SUSE Linux Enterprise High Performance Computing 15 SP6 | kernel-source-azure | Already fixed |
SUSE Linux Enterprise Live Patching 15 SP5 | kernel-default | Released |
SUSE Linux Enterprise Live Patching 15 SP5 | kernel-livepatch-SLE15-SP5-RT_Update_16 | Released |
SUSE Linux Enterprise Live Patching 15 SP5 | kernel-livepatch-SLE15-SP5_Update_15 | Released |
SUSE Linux Enterprise Micro 5.1 | kernel-default | Affected |
SUSE Linux Enterprise Micro 5.1 | kernel-rt | Unsupported |
SUSE Linux Enterprise Micro 5.1 | kernel-source-rt | Unsupported |
SUSE Linux Enterprise Micro 5.2 | kernel-default | Affected |
SUSE Linux Enterprise Micro 5.2 | kernel-rt | Unsupported |
SUSE Linux Enterprise Micro 5.2 | kernel-source-rt | Unsupported |
SUSE Linux Enterprise Micro 5.3 | kernel-default | Affected |
SUSE Linux Enterprise Micro 5.3 | kernel-rt | Unsupported |
SUSE Linux Enterprise Micro 5.3 | kernel-source-rt | Unsupported |
SUSE Linux Enterprise Micro 5.4 | kernel-default | Affected |
SUSE Linux Enterprise Micro 5.4 | kernel-rt | Unsupported |
SUSE Linux Enterprise Micro 5.4 | kernel-source-rt | Unsupported |
SUSE Linux Enterprise Micro 5.5 | kernel-default | Released |
SUSE Linux Enterprise Micro 5.5 | kernel-default-base | Released |
SUSE Linux Enterprise Micro 5.5 | kernel-rt | Released |
SUSE Linux Enterprise Micro 5.5 | kernel-source-rt | Released |
SUSE Linux Enterprise Micro 6.0 | kernel-default | Released |
SUSE Linux Enterprise Micro 6.0 | kernel-source | Released |
SUSE Linux Enterprise Micro 6.0 | kernel-source-rt | Released |
SUSE Linux Enterprise Module for Basesystem 15 SP5 | kernel-64kb | Released |
SUSE Linux Enterprise Module for Basesystem 15 SP5 | kernel-default | Released |
SUSE Linux Enterprise Module for Basesystem 15 SP5 | kernel-default-base | Released |
SUSE Linux Enterprise Module for Basesystem 15 SP5 | kernel-source | Released |
SUSE Linux Enterprise Module for Basesystem 15 SP5 | kernel-zfcpdump | Released |
SUSE Linux Enterprise Module for Basesystem 15 SP6 | kernel-default | Already fixed |
SUSE Linux Enterprise Module for Basesystem 15 SP6 | kernel-source | Already fixed |
SUSE Linux Enterprise Module for Development Tools 15 SP5 | kernel-default | Released |
SUSE Linux Enterprise Module for Development Tools 15 SP5 | kernel-docs | Released |
SUSE Linux Enterprise Module for Development Tools 15 SP5 | kernel-obs-build | Released |
SUSE Linux Enterprise Module for Development Tools 15 SP5 | kernel-source | Released |
SUSE Linux Enterprise Module for Development Tools 15 SP5 | kernel-syms | Released |
SUSE Linux Enterprise Module for Development Tools 15 SP6 | kernel-default | Already fixed |
SUSE Linux Enterprise Module for Development Tools 15 SP6 | kernel-source | Already fixed |
SUSE Linux Enterprise Module for Legacy 15 SP5 | kernel-default | Released |
SUSE Linux Enterprise Module for Public Cloud 15 SP5 | kernel-azure | Released |
SUSE Linux Enterprise Module for Public Cloud 15 SP5 | kernel-source-azure | Released |
SUSE Linux Enterprise Module for Public Cloud 15 SP5 | kernel-syms-azure | Released |
SUSE Linux Enterprise Module for Public Cloud 15 SP6 | kernel-source-azure | Already fixed |
SUSE Linux Enterprise Real Time 15 SP5 | kernel-rt | Released |
SUSE Linux Enterprise Real Time 15 SP5 | kernel-rt_debug | Released |
SUSE Linux Enterprise Real Time 15 SP5 | kernel-source-rt | Released |
SUSE Linux Enterprise Real Time 15 SP5 | kernel-syms-rt | Released |
SUSE Linux Enterprise Real Time 15 SP6 | kernel-source-rt | Not affected |
SUSE Linux Enterprise Server 15 SP5 | kernel-64kb | Released |
SUSE Linux Enterprise Server 15 SP5 | kernel-azure | Released |
SUSE Linux Enterprise Server 15 SP5 | kernel-default | Released |
SUSE Linux Enterprise Server 15 SP5 | kernel-default-base | Released |
SUSE Linux Enterprise Server 15 SP5 | kernel-docs | Released |
SUSE Linux Enterprise Server 15 SP5 | kernel-obs-build | Released |
SUSE Linux Enterprise Server 15 SP5 | kernel-source | Released |
SUSE Linux Enterprise Server 15 SP5 | kernel-source-azure | Released |
SUSE Linux Enterprise Server 15 SP5 | kernel-syms | Released |
SUSE Linux Enterprise Server 15 SP5 | kernel-syms-azure | Released |
SUSE Linux Enterprise Server 15 SP5 | kernel-zfcpdump | Released |
SUSE Linux Enterprise Server 15 SP6 | kernel-default | Already fixed |
SUSE Linux Enterprise Server 15 SP6 | kernel-source | Already fixed |
SUSE Linux Enterprise Server 15 SP6 | kernel-source-azure | Already fixed |
SUSE Linux Enterprise Server for SAP Applications 15 SP5 | kernel-64kb | Released |
SUSE Linux Enterprise Server for SAP Applications 15 SP5 | kernel-azure | Released |
SUSE Linux Enterprise Server for SAP Applications 15 SP5 | kernel-default | Released |
SUSE Linux Enterprise Server for SAP Applications 15 SP5 | kernel-default-base | Released |
SUSE Linux Enterprise Server for SAP Applications 15 SP5 | kernel-docs | Released |
SUSE Linux Enterprise Server for SAP Applications 15 SP5 | kernel-obs-build | Released |
SUSE Linux Enterprise Server for SAP Applications 15 SP5 | kernel-source | Released |
SUSE Linux Enterprise Server for SAP Applications 15 SP5 | kernel-source-azure | Released |
SUSE Linux Enterprise Server for SAP Applications 15 SP5 | kernel-syms | Released |
SUSE Linux Enterprise Server for SAP Applications 15 SP5 | kernel-syms-azure | Released |
SUSE Linux Enterprise Server for SAP Applications 15 SP5 | kernel-zfcpdump | Released |
SUSE Linux Enterprise Server for SAP Applications 15 SP6 | kernel-default | Already fixed |
SUSE Linux Enterprise Server for SAP Applications 15 SP6 | kernel-source | Already fixed |
SUSE Linux Enterprise Server for SAP Applications 15 SP6 | kernel-source-azure | Already fixed |
SUSE Linux Enterprise Workstation Extension 15 SP5 | kernel-default | Released |
SUSE Manager Proxy 4.3 | kernel-default | Affected |
SUSE Manager Proxy 4.3 | kernel-source | In progress |
SUSE Manager Proxy 4.3 | kernel-source-azure | Unsupported |
SUSE Manager Retail Branch Server 4.3 | kernel-default | Affected |
SUSE Manager Retail Branch Server 4.3 | kernel-source | In progress |
SUSE Manager Retail Branch Server 4.3 | kernel-source-azure | Unsupported |
SUSE Manager Server 4.3 | kernel-default | Affected |
SUSE Manager Server 4.3 | kernel-source | In progress |
SUSE Manager Server 4.3 | kernel-source-azure | Unsupported |
SUSE Real Time Module 15 SP5 | kernel-rt | Released |
SUSE Real Time Module 15 SP5 | kernel-rt_debug | Released |
SUSE Real Time Module 15 SP5 | kernel-source-rt | Released |
SUSE Real Time Module 15 SP5 | kernel-syms-rt | Released |
SUSE Real Time Module 15 SP6 | kernel-source-rt | Not affected |
openSUSE Leap 15.5 | dtb-aarch64 | Released |
openSUSE Leap 15.5 | dtb-armv7l | Released |
openSUSE Leap 15.5 | kernel-64kb | Released |
openSUSE Leap 15.5 | kernel-azure | Released |
openSUSE Leap 15.5 | kernel-debug | Released |
openSUSE Leap 15.5 | kernel-default | Released |
openSUSE Leap 15.5 | kernel-docs | Released |
openSUSE Leap 15.5 | kernel-kvmsmall | Released |
openSUSE Leap 15.5 | kernel-lpae | Released |
openSUSE Leap 15.5 | kernel-obs-build | Released |
openSUSE Leap 15.5 | kernel-obs-qa | Released |
openSUSE Leap 15.5 | kernel-rt | Released |
openSUSE Leap 15.5 | kernel-rt_debug | Released |
openSUSE Leap 15.5 | kernel-source | Released |
openSUSE Leap 15.5 | kernel-source-azure | Released |
openSUSE Leap 15.5 | kernel-source-rt | Released |
openSUSE Leap 15.5 | kernel-syms | Released |
openSUSE Leap 15.5 | kernel-syms-azure | Released |
openSUSE Leap 15.5 | kernel-syms-rt | Released |
openSUSE Leap 15.5 | kernel-zfcpdump | Released |
openSUSE Leap 15.6 | kernel-default | Already fixed |
openSUSE Leap 15.6 | kernel-source | Already fixed |
openSUSE Leap 15.6 | kernel-source-azure | Already fixed |
openSUSE Leap 15.6 | kernel-source-rt | Not affected |
openSUSE Leap Micro 5.5 | kernel-default | Affected |
openSUSE Leap Micro 5.5 | kernel-rt | Affected |
Products under Long Term Service Pack support and receiving important and critical security fixes. | ||
SUSE Linux Enterprise Desktop 15 SP4 | kernel-source | Affected |
SUSE Linux Enterprise High Performance Computing 12 SP5 | kernel-default | Not affected |
SUSE Linux Enterprise High Performance Computing 12 SP5 | kernel-source | Not affected |
SUSE Linux Enterprise High Performance Computing 12 SP5 | kernel-source-azure | Not affected |
SUSE Linux Enterprise High Performance Computing 15 SP2 | kernel-source | Affected |
SUSE Linux Enterprise High Performance Computing 15 SP2 | kernel-source-azure | Unsupported |
SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS | kernel-source | Affected |
SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS | kernel-default | Affected |
SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS | kernel-source | Affected |
SUSE Linux Enterprise High Performance Computing 15 SP3 | kernel-source | Affected |
SUSE Linux Enterprise High Performance Computing 15 SP3 | kernel-source-azure | Unsupported |
SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS | kernel-source | Affected |
SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS | kernel-default | Affected |
SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS | kernel-source | Affected |
SUSE Linux Enterprise High Performance Computing 15 SP4 | kernel-source | Affected |
SUSE Linux Enterprise High Performance Computing 15 SP4 | kernel-source-azure | Unsupported |
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS | kernel-default | Affected |
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS | kernel-source | Affected |
SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS | kernel-default | Affected |
SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS | kernel-source | Affected |
SUSE Linux Enterprise Module for Basesystem 15 SP2 | kernel-source | Affected |
SUSE Linux Enterprise Module for Basesystem 15 SP3 | kernel-source | Affected |
SUSE Linux Enterprise Module for Basesystem 15 SP4 | kernel-source | Affected |
SUSE Linux Enterprise Module for Development Tools 15 SP2 | kernel-source | Affected |
SUSE Linux Enterprise Module for Development Tools 15 SP3 | kernel-source | Affected |
SUSE Linux Enterprise Module for Development Tools 15 SP4 | kernel-source | Affected |
SUSE Linux Enterprise Module for Public Cloud 15 SP4 | kernel-source-azure | Unsupported |
SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE | kernel-default | Not affected |
SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE | kernel-source | Not affected |
SUSE Linux Enterprise Server 12 SP5 | kernel-default | Not affected |
SUSE Linux Enterprise Server 12 SP5 | kernel-source | Not affected |
SUSE Linux Enterprise Server 12 SP5 | kernel-source-azure | Not affected |
SUSE Linux Enterprise Server 12 SP5-LTSS | kernel-source | Not affected |
SUSE Linux Enterprise Server 12 SP5-LTSS | kernel-source-azure | Not affected |
SUSE Linux Enterprise Server 15 SP2 | kernel-source | Affected |
SUSE Linux Enterprise Server 15 SP2 | kernel-source-azure | Unsupported |
SUSE Linux Enterprise Server 15 SP2-LTSS | kernel-default | Affected |
SUSE Linux Enterprise Server 15 SP2-LTSS | kernel-source | Affected |
SUSE Linux Enterprise Server 15 SP3 | kernel-source | Affected |
SUSE Linux Enterprise Server 15 SP3 | kernel-source-azure | Unsupported |
SUSE Linux Enterprise Server 15 SP3-LTSS | kernel-default | Affected |
SUSE Linux Enterprise Server 15 SP3-LTSS | kernel-source | Affected |
SUSE Linux Enterprise Server 15 SP4 | kernel-source | Affected |
SUSE Linux Enterprise Server 15 SP4 | kernel-source-azure | Unsupported |
SUSE Linux Enterprise Server 15 SP4-LTSS | kernel-default | Affected |
SUSE Linux Enterprise Server 15 SP4-LTSS | kernel-source | Affected |
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5 | kernel-source | Not affected |
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5 | kernel-source-azure | Not affected |
SUSE Linux Enterprise Server for SAP Applications 12 SP5 | kernel-default | Not affected |
SUSE Linux Enterprise Server for SAP Applications 12 SP5 | kernel-source | Not affected |
SUSE Linux Enterprise Server for SAP Applications 12 SP5 | kernel-source-azure | Not affected |
SUSE Linux Enterprise Server for SAP Applications 15 SP2 | kernel-default | Affected |
SUSE Linux Enterprise Server for SAP Applications 15 SP2 | kernel-source | Affected |
SUSE Linux Enterprise Server for SAP Applications 15 SP2 | kernel-source-azure | Unsupported |
SUSE Linux Enterprise Server for SAP Applications 15 SP3 | kernel-default | Affected |
SUSE Linux Enterprise Server for SAP Applications 15 SP3 | kernel-source | Affected |
SUSE Linux Enterprise Server for SAP Applications 15 SP3 | kernel-source-azure | Unsupported |
SUSE Linux Enterprise Server for SAP Applications 15 SP4 | kernel-default | Affected |
SUSE Linux Enterprise Server for SAP Applications 15 SP4 | kernel-source | Affected |
SUSE Linux Enterprise Server for SAP Applications 15 SP4 | kernel-source-azure | Unsupported |
Products past their end of life and not receiving proactive updates anymore. | ||
HPE Helion OpenStack 8 | kernel-source | Not affected |
SUSE CaaS Platform 4.0 | kernel-default | Not affected |
SUSE CaaS Platform 4.0 | kernel-source | Not affected |
SUSE CaaS Platform Toolchain 3 | kernel-source | Not affected |
SUSE Enterprise Storage 6 | kernel-source | Not affected |
SUSE Enterprise Storage 7 | kernel-source | Affected |
SUSE Enterprise Storage 7 | kernel-source-azure | Unsupported |
SUSE Enterprise Storage 7.1 | kernel-default | Affected |
SUSE Enterprise Storage 7.1 | kernel-source | Affected |
SUSE Enterprise Storage 7.1 | kernel-source-azure | Unsupported |
SUSE Linux Enterprise Desktop 11 SP4 | kernel-source | Not affected |
SUSE Linux Enterprise Desktop 12 SP2 | kernel-source | Not affected |
SUSE Linux Enterprise Desktop 12 SP3 | kernel-source | Not affected |
SUSE Linux Enterprise Desktop 12 SP4 | kernel-source | Not affected |
SUSE Linux Enterprise Desktop 15 | kernel-source | Not affected |
SUSE Linux Enterprise Desktop 15 SP1 | kernel-source | Not affected |
SUSE Linux Enterprise Desktop 15 SP2 | kernel-source | Affected |
SUSE Linux Enterprise Desktop 15 SP3 | kernel-source | Affected |
SUSE Linux Enterprise High Performance Computing 15 | kernel-source | Not affected |
SUSE Linux Enterprise High Performance Computing 15 SP1 | kernel-source | Not affected |
SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS | kernel-source | Not affected |
SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS | kernel-default | Not affected |
SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS | kernel-source | Not affected |
SUSE Linux Enterprise High Performance Computing 15-ESPOS | kernel-source | Not affected |
SUSE Linux Enterprise High Performance Computing 15-LTSS | kernel-source | Not affected |
SUSE Linux Enterprise Micro 5.0 | kernel-default | Not affected |
SUSE Linux Enterprise Module for Basesystem 15 | kernel-source | Not affected |
SUSE Linux Enterprise Module for Basesystem 15 SP1 | kernel-source | Not affected |
SUSE Linux Enterprise Module for Development Tools 15 | kernel-source | Not affected |
SUSE Linux Enterprise Module for Development Tools 15 SP1 | kernel-source | Not affected |
SUSE Linux Enterprise Module for Public Cloud 15 SP2 | kernel-source-azure | Unsupported |
SUSE Linux Enterprise Module for Public Cloud 15 SP3 | kernel-source-azure | Unsupported |
SUSE Linux Enterprise Point of Sale 12 SP2-CLIENT | kernel-source | Not affected |
SUSE Linux Enterprise Real Time 12 SP5 | kernel-source-rt | Not affected |
SUSE Linux Enterprise Real Time 15 SP2 | kernel-source | Affected |
SUSE Linux Enterprise Real Time 15 SP3 | kernel-source | Affected |
SUSE Linux Enterprise Real Time 15 SP3 | kernel-source-rt | Unsupported |
SUSE Linux Enterprise Real Time 15 SP4 | kernel-source | Affected |
SUSE Linux Enterprise Real Time 15 SP4 | kernel-source-rt | Unsupported |
SUSE Linux Enterprise Server 11 SP4 | kernel-source | Not affected |
SUSE Linux Enterprise Server 11 SP4 LTSS | kernel-default | Not affected |
SUSE Linux Enterprise Server 11 SP4 LTSS | kernel-source | Not affected |
SUSE Linux Enterprise Server 11 SP4-LTSS | kernel-source | Not affected |
SUSE Linux Enterprise Server 12 SP2 | kernel-source | Not affected |
SUSE Linux Enterprise Server 12 SP2-BCL | kernel-source | Not affected |
SUSE Linux Enterprise Server 12 SP2-ESPOS | kernel-source | Not affected |
SUSE Linux Enterprise Server 12 SP2-LTSS | kernel-default | Not affected |
SUSE Linux Enterprise Server 12 SP2-LTSS | kernel-source | Not affected |
SUSE Linux Enterprise Server 12 SP3 | kernel-source | Not affected |
SUSE Linux Enterprise Server 12 SP3-BCL | kernel-source | Not affected |
SUSE Linux Enterprise Server 12 SP3-ESPOS | kernel-source | Not affected |
SUSE Linux Enterprise Server 12 SP3-LTSS | kernel-source | Not affected |
SUSE Linux Enterprise Server 12 SP4 | kernel-source | Not affected |
SUSE Linux Enterprise Server 12 SP4-ESPOS | kernel-source | Not affected |
SUSE Linux Enterprise Server 12 SP4-LTSS | kernel-default | Not affected |
SUSE Linux Enterprise Server 12 SP4-LTSS | kernel-source | Not affected |
SUSE Linux Enterprise Server 15 | kernel-source | Not affected |
SUSE Linux Enterprise Server 15 SP1 | kernel-source | Not affected |
SUSE Linux Enterprise Server 15 SP1-BCL | kernel-source | Not affected |
SUSE Linux Enterprise Server 15 SP1-LTSS | kernel-default | Not affected |
SUSE Linux Enterprise Server 15 SP1-LTSS | kernel-source | Not affected |
SUSE Linux Enterprise Server 15 SP2-BCL | kernel-source | Affected |
SUSE Linux Enterprise Server 15 SP3-BCL | kernel-source | Affected |
SUSE Linux Enterprise Server 15-LTSS | kernel-default | Not affected |
SUSE Linux Enterprise Server 15-LTSS | kernel-source | Not affected |
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 | kernel-source | Not affected |
SUSE Linux Enterprise Server for SAP Applications 12 SP2 | kernel-default | Not affected |
SUSE Linux Enterprise Server for SAP Applications 12 SP2 | kernel-source | Not affected |
SUSE Linux Enterprise Server for SAP Applications 12 SP3 | kernel-source | Not affected |
SUSE Linux Enterprise Server for SAP Applications 12 SP4 | kernel-default | Not affected |
SUSE Linux Enterprise Server for SAP Applications 12 SP4 | kernel-source | Not affected |
SUSE Linux Enterprise Server for SAP Applications 15 | kernel-source | Not affected |
SUSE Linux Enterprise Server for SAP Applications 15 SP1 | kernel-default | Not affected |
SUSE Linux Enterprise Server for SAP Applications 15 SP1 | kernel-source | Not affected |
SUSE Manager Proxy 4.0 | kernel-source | Not affected |
SUSE Manager Proxy 4.1 | kernel-source | Affected |
SUSE Manager Proxy 4.1 | kernel-source-azure | Unsupported |
SUSE Manager Proxy 4.2 | kernel-source | Affected |
SUSE Manager Proxy 4.2 | kernel-source-azure | Unsupported |
SUSE Manager Retail Branch Server 4.0 | kernel-source | Not affected |
SUSE Manager Retail Branch Server 4.1 | kernel-source | Affected |
SUSE Manager Retail Branch Server 4.1 | kernel-source-azure | Unsupported |
SUSE Manager Retail Branch Server 4.2 | kernel-source | Affected |
SUSE Manager Retail Branch Server 4.2 | kernel-source-azure | Unsupported |
SUSE Manager Server 4.0 | kernel-source | Not affected |
SUSE Manager Server 4.1 | kernel-source | Affected |
SUSE Manager Server 4.1 | kernel-source-azure | Unsupported |
SUSE Manager Server 4.2 | kernel-source | Affected |
SUSE Manager Server 4.2 | kernel-source-azure | Unsupported |
SUSE OpenStack Cloud 7 | kernel-source | Not affected |
SUSE OpenStack Cloud 8 | kernel-source | Not affected |
SUSE OpenStack Cloud 9 | kernel-default | Not affected |
SUSE OpenStack Cloud 9 | kernel-source | Not affected |
SUSE OpenStack Cloud Crowbar 8 | kernel-source | Not affected |
SUSE OpenStack Cloud Crowbar 9 | kernel-default | Not affected |
SUSE OpenStack Cloud Crowbar 9 | kernel-source | Not affected |
SUSE Real Time Module 15 SP3 | kernel-source-rt | Unsupported |
SUSE Real Time Module 15 SP4 | kernel-source-rt | Unsupported |
openSUSE Leap 15.3 | kernel-source | Affected |
openSUSE Leap 15.3 | kernel-source-azure | Unsupported |
openSUSE Leap 15.3 | kernel-source-rt | Unsupported |
openSUSE Leap 15.4 | kernel-source | Affected |
openSUSE Leap 15.4 | kernel-source-azure | Unsupported |
openSUSE Leap 15.4 | kernel-source-rt | Unsupported |
Products at an unknown state of their lifecycle. | ||
SLES15-SP5-CHOST-BYOS-GDC | kernel-default | Released |
Container Status | ||
suse/hpc/warewulf4-x86_64/sle-hpc-node | kernel-default | In progress |
suse/sles/15.5/libguestfs-tools:0.58.0 | kernel-kvmsmall | In progress |
suse/sle-micro/rt-5.5 | kernel-rt | Released |
bci/bci-sle15-kernel-module-devel:15.5 | kernel-syms | Released |
SUSE Timeline for this CVE
CVE page created: Fri Feb 23 17:00:23 2024CVE page last modified: Sat Nov 23 14:29:21 2024