Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2024-0775 (GCVE-0-2024-0775)
Vulnerability from cvelistv5 – Published: 2024-01-22 13:03 – Updated: 2025-11-20 18:10
VLAI
EPSS
Title
Kernel: use-after-free while changing the mount option in __ext4_remount leading
Summary
A use-after-free flaw was found in the __ext4_remount in fs/ext4/super.c in ext4 in the Linux kernel. This flaw allows a local user to cause an information leak problem while freeing the old quota file names before a potential failure, leading to a use-after-free.
Severity
6.7 (Medium)
CWE
- CWE-416 - Use After Free
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://access.redhat.com/security/cve/CVE-2024-0775 | vdb-entryx_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=2259414 | issue-trackingx_refsource_REDHAT |
| https://scm.linefinity.com/common/linux-stable/co… |
Impacted products
8 products
| Vendor | Product | Version | |
|---|---|---|---|
|
Affected:
0 , < 6.4-rc2
(semver)
|
|||
| Red Hat | Red Hat Enterprise Linux 6 |
cpe:/o:redhat:enterprise_linux:6 |
|
| Red Hat | Red Hat Enterprise Linux 7 |
cpe:/o:redhat:enterprise_linux:7 |
|
| Red Hat | Red Hat Enterprise Linux 7 |
cpe:/o:redhat:enterprise_linux:7 |
|
| Red Hat | Red Hat Enterprise Linux 8 |
cpe:/o:redhat:enterprise_linux:8 |
|
| Red Hat | Red Hat Enterprise Linux 8 |
cpe:/o:redhat:enterprise_linux:8 |
|
| Red Hat | Red Hat Enterprise Linux 9 |
cpe:/o:redhat:enterprise_linux:9 |
|
| Red Hat | Red Hat Enterprise Linux 9 |
cpe:/o:redhat:enterprise_linux:9 |
Date Public
2023-05-05 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T18:18:18.269Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2024-0775"
},
{
"name": "RHBZ#2259414",
"tags": [
"issue-tracking",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259414"
},
{
"tags": [
"x_transferred"
],
"url": "https://scm.linefinity.com/common/linux-stable/commit/4c0b4818b1f636bc96359f7817a2d8bab6370162"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0775",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-22T16:53:57.265285Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-17T21:19:25.697Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://git.kernel.org/pub/scm/linux/kernel",
"defaultStatus": "unaffected",
"packageName": "kernel",
"versions": [
{
"lessThan": "6.4-rc2",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
],
"defaultStatus": "unaffected",
"packageName": "kernel",
"product": "Red Hat Enterprise Linux 6",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
],
"defaultStatus": "unaffected",
"packageName": "kernel",
"product": "Red Hat Enterprise Linux 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
],
"defaultStatus": "unaffected",
"packageName": "kernel-rt",
"product": "Red Hat Enterprise Linux 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "unaffected",
"packageName": "kernel",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "unaffected",
"packageName": "kernel-rt",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "affected",
"packageName": "kernel",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "affected",
"packageName": "kernel-rt",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
}
],
"datePublic": "2023-05-05T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A use-after-free flaw was found in the __ext4_remount in fs/ext4/super.c in ext4 in the Linux kernel. This flaw allows a local user to cause an information leak problem while freeing the old quota file names before a potential failure, leading to a use-after-free."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Moderate"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-20T18:10:55.464Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2024-0775"
},
{
"name": "RHBZ#2259414",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259414"
},
{
"url": "https://scm.linefinity.com/common/linux-stable/commit/4c0b4818b1f636bc96359f7817a2d8bab6370162"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-01-21T00:00:00.000Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2023-05-05T00:00:00.000Z",
"value": "Made public."
}
],
"title": "Kernel: use-after-free while changing the mount option in __ext4_remount leading",
"workarounds": [
{
"lang": "en",
"value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
}
],
"x_redhatCweChain": "CWE-416: Use After Free"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2024-0775",
"datePublished": "2024-01-22T13:03:09.603Z",
"dateReserved": "2024-01-21T12:37:58.285Z",
"dateUpdated": "2025-11-20T18:10:55.464Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2024-0775",
"date": "2026-05-29",
"epss": "0.00015",
"percentile": "0.03493"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-0775\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2024-01-22T13:15:25.137\",\"lastModified\":\"2024-11-21T08:47:20.760\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A use-after-free flaw was found in the __ext4_remount in fs/ext4/super.c in ext4 in the Linux kernel. This flaw allows a local user to cause an information leak problem while freeing the old quota file names before a potential failure, leading to a use-after-free.\"},{\"lang\":\"es\",\"value\":\"Se encontr\u00f3 una falla de use-after-free en __ext4_remount en fs/ext4/super.c en ext4 en el kernel de Linux. Esta falla permite que un usuario local cause un problema de fuga de informaci\u00f3n mientras libera los nombres de archivos de cuota antiguos antes de una posible falla, lo que lleva a un use-after-free.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":6.7,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":0.8,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H\",\"baseScore\":7.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.2}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.4\",\"matchCriteriaId\":\"18D12E25-2947-44E7-989D-24450E013A1F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.4:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"38BC6744-7D25-4C02-9966-B224CD071D30\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F6FB57C-2BC7-487C-96DD-132683AEB35D\"}]}]}],\"references\":[{\"url\":\"https://access.redhat.com/security/cve/CVE-2024-0775\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2259414\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://scm.linefinity.com/common/linux-stable/commit/4c0b4818b1f636bc96359f7817a2d8bab6370162\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://access.redhat.com/security/cve/CVE-2024-0775\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2259414\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://scm.linefinity.com/common/linux-stable/commit/4c0b4818b1f636bc96359f7817a2d8bab6370162\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://access.redhat.com/security/cve/CVE-2024-0775\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2259414\", \"name\": \"RHBZ#2259414\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://scm.linefinity.com/common/linux-stable/commit/4c0b4818b1f636bc96359f7817a2d8bab6370162\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-01T18:18:18.269Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-0775\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-01-22T16:53:57.265285Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-06-17T21:16:05.082Z\"}}], \"cna\": {\"title\": \"Kernel: use-after-free while changing the mount option in __ext4_remount leading\", \"metrics\": [{\"other\": {\"type\": \"Red Hat severity rating\", \"content\": {\"value\": \"Moderate\", \"namespace\": \"https://access.redhat.com/security/updates/classification/\"}}}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.7, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"HIGH\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"6.4-rc2\", \"versionType\": \"semver\"}], \"packageName\": \"kernel\", \"collectionURL\": \"https://git.kernel.org/pub/scm/linux/kernel\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:6\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 6\", \"packageName\": \"kernel\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 7\", \"packageName\": \"kernel\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 7\", \"packageName\": \"kernel-rt\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8\", \"packageName\": \"kernel\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8\", \"packageName\": \"kernel-rt\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9\", \"packageName\": \"kernel\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9\", \"packageName\": \"kernel-rt\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2024-01-21T00:00:00+00:00\", \"value\": \"Reported to Red Hat.\"}, {\"lang\": \"en\", \"time\": \"2023-05-05T00:00:00+00:00\", \"value\": \"Made public.\"}], \"datePublic\": \"2023-05-05T00:00:00.000Z\", \"references\": [{\"url\": \"https://access.redhat.com/security/cve/CVE-2024-0775\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2259414\", \"name\": \"RHBZ#2259414\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://scm.linefinity.com/common/linux-stable/commit/4c0b4818b1f636bc96359f7817a2d8bab6370162\"}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A use-after-free flaw was found in the __ext4_remount in fs/ext4/super.c in ext4 in the Linux kernel. This flaw allows a local user to cause an information leak problem while freeing the old quota file names before a potential failure, leading to a use-after-free.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-416\", \"description\": \"Use After Free\"}]}], \"providerMetadata\": {\"orgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"shortName\": \"redhat\", \"dateUpdated\": \"2025-11-20T18:10:55.464Z\"}, \"x_redhatCweChain\": \"CWE-416: Use After Free\"}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-0775\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-11-20T18:10:55.464Z\", \"dateReserved\": \"2024-01-21T12:37:58.285Z\", \"assignerOrgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"datePublished\": \"2024-01-22T13:03:09.603Z\", \"assignerShortName\": \"redhat\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
FKIE_CVE-2024-0775
Vulnerability from fkie_nvd - Published: 2024-01-22 13:15 - Updated: 2024-11-21 08:47
Severity
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Summary
A use-after-free flaw was found in the __ext4_remount in fs/ext4/super.c in ext4 in the Linux kernel. This flaw allows a local user to cause an information leak problem while freeing the old quota file names before a potential failure, leading to a use-after-free.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| linux | linux_kernel | 6.4 | |
| redhat | enterprise_linux | 9.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "18D12E25-2947-44E7-989D-24450E013A1F",
"versionEndExcluding": "6.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:6.4:rc1:*:*:*:*:*:*",
"matchCriteriaId": "38BC6744-7D25-4C02-9966-B224CD071D30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A use-after-free flaw was found in the __ext4_remount in fs/ext4/super.c in ext4 in the Linux kernel. This flaw allows a local user to cause an information leak problem while freeing the old quota file names before a potential failure, leading to a use-after-free."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una falla de use-after-free en __ext4_remount en fs/ext4/super.c en ext4 en el kernel de Linux. Esta falla permite que un usuario local cause un problema de fuga de informaci\u00f3n mientras libera los nombres de archivos de cuota antiguos antes de una posible falla, lo que lleva a un use-after-free."
}
],
"id": "CVE-2024-0775",
"lastModified": "2024-11-21T08:47:20.760",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-01-22T13:15:25.137",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2024-0775"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259414"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "https://scm.linefinity.com/common/linux-stable/commit/4c0b4818b1f636bc96359f7817a2d8bab6370162"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2024-0775"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259414"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://scm.linefinity.com/common/linux-stable/commit/4c0b4818b1f636bc96359f7817a2d8bab6370162"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-W57V-9X67-753V
Vulnerability from github – Published: 2024-01-22 15:30 – Updated: 2024-01-22 15:30
VLAI
Details
A use-after-free flaw was found in the __ext4_remount in fs/ext4/super.c in ext4 in the Linux kernel. This flaw allows a local user to cause an information leak problem while freeing the old quota file names before a potential failure, leading to a use-after-free.
Severity
6.7 (Medium)
{
"affected": [],
"aliases": [
"CVE-2024-0775"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-01-22T13:15:25Z",
"severity": "MODERATE"
},
"details": "A use-after-free flaw was found in the __ext4_remount in fs/ext4/super.c in ext4 in the Linux kernel. This flaw allows a local user to cause an information leak problem while freeing the old quota file names before a potential failure, leading to a use-after-free.",
"id": "GHSA-w57v-9x67-753v",
"modified": "2024-01-22T15:30:23Z",
"published": "2024-01-22T15:30:23Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-0775"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2024-0775"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259414"
},
{
"type": "WEB",
"url": "https://scm.linefinity.com/common/linux-stable/commit/4c0b4818b1f636bc96359f7817a2d8bab6370162"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GSD-2024-0775
Vulnerability from gsd - Updated: 2024-01-22 06:02Details
A use-after-free flaw was found in the __ext4_remount in fs/ext4/super.c in ext4 in the Linux kernel. This flaw allows a local user to cause an information leak problem while freeing the old quota file names before a potential failure, leading to a use-after-free.
Aliases
{
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2024-0775"
],
"details": "A use-after-free flaw was found in the __ext4_remount in fs/ext4/super.c in ext4 in the Linux kernel. This flaw allows a local user to cause an information leak problem while freeing the old quota file names before a potential failure, leading to a use-after-free.",
"id": "GSD-2024-0775",
"modified": "2024-01-22T06:02:23.657705Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2024-0775",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
}
]
},
"vendor_name": "Red Hat"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A use-after-free flaw was found in the __ext4_remount in fs/ext4/super.c in ext4 in the Linux kernel. This flaw allows a local user to cause an information leak problem while freeing the old quota file names before a potential failure, leading to a use-after-free."
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"cweId": "CWE-416",
"lang": "eng",
"value": "Use After Free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://access.redhat.com/security/cve/CVE-2024-0775",
"refsource": "MISC",
"url": "https://access.redhat.com/security/cve/CVE-2024-0775"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2259414",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259414"
},
{
"name": "https://scm.linefinity.com/common/linux-stable/commit/4c0b4818b1f636bc96359f7817a2d8bab6370162",
"refsource": "MISC",
"url": "https://scm.linefinity.com/common/linux-stable/commit/4c0b4818b1f636bc96359f7817a2d8bab6370162"
}
]
},
"work_around": [
{
"lang": "en",
"value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
}
]
},
"nvd.nist.gov": {
"cve": {
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "18D12E25-2947-44E7-989D-24450E013A1F",
"versionEndExcluding": "6.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:6.4:rc1:*:*:*:*:*:*",
"matchCriteriaId": "38BC6744-7D25-4C02-9966-B224CD071D30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A use-after-free flaw was found in the __ext4_remount in fs/ext4/super.c in ext4 in the Linux kernel. This flaw allows a local user to cause an information leak problem while freeing the old quota file names before a potential failure, leading to a use-after-free."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una falla de use-after-free en __ext4_remount en fs/ext4/super.c en ext4 en el kernel de Linux. Esta falla permite que un usuario local cause un problema de fuga de informaci\u00f3n mientras libera los nombres de archivos de cuota antiguos antes de una posible falla, lo que lleva a un use-after-free."
}
],
"id": "CVE-2024-0775",
"lastModified": "2024-01-29T19:08:44.387",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "secalert@redhat.com",
"type": "Secondary"
}
]
},
"published": "2024-01-22T13:15:25.137",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2024-0775"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259414"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "https://scm.linefinity.com/common/linux-stable/commit/4c0b4818b1f636bc96359f7817a2d8bab6370162"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
}
]
}
}
}
}
ICSA-24-165-06
Vulnerability from csaf_cisa - Published: 2024-06-11 00:00 - Updated: 2024-07-09 00:00Summary
Siemens TIM 1531 IRC
Notes
Summary: Siemens has released new versions for the affected products and recommends to update to the latest versions.
General Recommendations: As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download:
https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources: For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use: Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter "License Terms"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.
Legal Notice: All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Advisory Conversion Disclaimer: This CISA CSAF advisory was converted from Siemens ProductCERT's CSAF advisory.
Critical infrastructure sectors: Multiple
Countries/areas deployed: Worldwide
Company headquarters location: Germany
Recommended Practices: CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.
Recommended Practices: Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.
Recommended Practices: Locate control system networks and remote devices behind firewalls and isolate them from business networks.
Recommended Practices: When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.
Recommended Practices: CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices: CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices: CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices: Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
CWE-20
- Improper Input Validation
Affected products
Known affected
2 products
CWE-787
- Out-of-bounds Write
Affected products
Known affected
2 products
CWE-326
- Inadequate Encryption Strength
Affected products
Known affected
2 products
CWE-415
- Double Free
Affected products
Known affected
2 products
CWE-311
- Missing Encryption of Sensitive Data
Affected products
Known affected
2 products
CWE-681
- Incorrect Conversion between Numeric Types
Affected products
Known affected
2 products
CWE-190
- Integer Overflow or Wraparound
Affected products
Known affected
2 products
CWE-415
- Double Free
Affected products
Known affected
2 products
CWE-20
- Improper Input Validation
Affected products
Known affected
2 products
CWE-362
- Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Affected products
Known affected
2 products
CWE-416
- Use After Free
Affected products
Known affected
2 products
CWE-667
- Improper Locking
Affected products
Known affected
2 products
CWE-416
- Use After Free
Affected products
Known affected
2 products
CWE-20
- Improper Input Validation
Affected products
Known affected
2 products
CWE-295
- Improper Certificate Validation
Affected products
Known affected
2 products
CWE-295
- Improper Certificate Validation
Affected products
Known affected
2 products
CWE-295
- Improper Certificate Validation
Affected products
Known affected
2 products
CWE-787
- Out-of-bounds Write
Affected products
Known affected
2 products
CWE-787
- Out-of-bounds Write
Affected products
Known affected
2 products
CWE-667
- Improper Locking
Affected products
Known affected
2 products
CWE-787
- Out-of-bounds Write
Affected products
Known affected
2 products
7.5 (High)
Affected products
Known affected
2 products
CWE-416
- Use After Free
Affected products
Known affected
2 products
CWE-787
- Out-of-bounds Write
Affected products
Known affected
2 products
CWE-362
- Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Affected products
Known affected
2 products
CWE-362
- Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Affected products
Known affected
2 products
CWE-362
- Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Affected products
Known affected
2 products
CWE-416
- Use After Free
Affected products
Known affected
2 products
CWE-835
- Loop with Unreachable Exit Condition ('Infinite Loop')
Affected products
Known affected
2 products
CWE-20
- Improper Input Validation
Affected products
Known affected
2 products
CWE-20
- Improper Input Validation
Affected products
Known affected
2 products
References
12 references
Acknowledgments
Siemens ProductCERT
{
"document": {
"acknowledgments": [
{
"organization": "Siemens ProductCERT",
"summary": "reporting these vulnerabilities to CISA."
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Siemens has released new versions for the affected products and recommends to update to the latest versions.",
"title": "Summary"
},
{
"category": "general",
"text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"title": "General Recommendations"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "Siemens Security Advisories are subject to the terms and conditions contained in Siemens\u0027 underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens\u0027 Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.",
"title": "Terms of Use"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "other",
"text": "This CISA CSAF advisory was converted from Siemens ProductCERT\u0027s CSAF advisory.",
"title": "Advisory Conversion Disclaimer"
},
{
"category": "other",
"text": "Multiple",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Germany",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Locate control system networks and remote devices behind firewalls and isolate them from business networks.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
}
],
"publisher": {
"category": "other",
"contact_details": "central@cisa.dhs.gov",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "SSA-337522: Multiple Vulnerabilities in TIM 1531 IRC before V2.4.8 - CSAF Version",
"url": "https://cert-portal.siemens.com/productcert/csaf/ssa-337522.json"
},
{
"category": "self",
"summary": "SSA-337522: Multiple Vulnerabilities in TIM 1531 IRC before V2.4.8 - HTML Version",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-337522.html"
},
{
"category": "self",
"summary": "SSA-337522: Multiple Vulnerabilities in TIM 1531 IRC before V2.4.8 - PDF Version",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-337522.pdf"
},
{
"category": "self",
"summary": "SSA-337522: Multiple Vulnerabilities in TIM 1531 IRC before V2.4.8 - TXT Version",
"url": "https://cert-portal.siemens.com/productcert/txt/ssa-337522.txt"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-24-165-06 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2024/icsa-24-165-06.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-24-165-06 - Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-165-06"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/topics/industrial-control-systems"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
}
],
"title": "Siemens TIM 1531 IRC",
"tracking": {
"current_release_date": "2024-07-09T00:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-24-165-06",
"initial_release_date": "2024-06-11T00:00:00.000000Z",
"revision_history": [
{
"date": "2024-06-11T00:00:00.000000Z",
"legacy_version": "1.0",
"number": "1",
"summary": "Publication Date"
},
{
"date": "2024-07-09T00:00:00.000000Z",
"legacy_version": "1.1",
"number": "2",
"summary": "Updated contents of CVE-2023-27321 (OPC Foundation UA .NET Standard: Description, CVSS vector, CWE)"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV2.4.8",
"product": {
"name": "SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0)",
"product_id": "CSAFPID-0001",
"product_identification_helper": {
"model_numbers": [
"6AG1543-1MX00-7XE0"
]
}
}
}
],
"category": "product_name",
"name": "SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV2.4.8",
"product": {
"name": "TIM 1531 IRC (6GK7543-1MX00-0XE0)",
"product_id": "CSAFPID-0002",
"product_identification_helper": {
"model_numbers": [
"6GK7543-1MX00-0XE0"
]
}
}
}
],
"category": "product_name",
"name": "TIM 1531 IRC (6GK7543-1MX00-0XE0)"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-47178",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: scsi: target: core: Avoid smp_processor_id() in preemptible code.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
],
"title": "CVE-2021-47178"
},
{
"cve": "CVE-2022-1015",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "A flaw was found in the Linux kernel in linux/net/netfilter/nf_tables_api.c of the netfilter subsystem. This flaw allows a local user to cause an out-of-bounds write issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
],
"title": "CVE-2022-1015"
},
{
"cve": "CVE-2022-4304",
"cwe": {
"id": "CWE-326",
"name": "Inadequate Encryption Strength"
},
"notes": [
{
"category": "summary",
"text": "A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
],
"title": "CVE-2022-4304"
},
{
"cve": "CVE-2022-4450",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "summary",
"text": "The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the \"name\" (e.g. \"CERTIFICATE\"), any header data and the payload data. If the function succeeds then the \"name_out\", \"header\" and \"data\" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a buffer that has already been freed. If the caller also frees this buffer then a double free will occur. This will most likely lead to a crash. This could be exploited by an attacker who has the ability to supply malicious PEM files for parsing to achieve a denial of service attack. The functions PEM_read_bio() and PEM_read() are simple wrappers around PEM_read_bio_ex() and therefore these functions are also directly affected. These functions are also called indirectly by a number of other OpenSSL functions including PEM_X509_INFO_read_bio_ex() and SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal uses of these functions are not vulnerable because the caller does not free the header argument if PEM_read_bio_ex() returns a failure code. These locations include the PEM_read_bio_TYPE() functions as well as the decoders introduced in OpenSSL 3.0. The OpenSSL asn1parse command line application is also impacted by this issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
],
"title": "CVE-2022-4450"
},
{
"cve": "CVE-2022-39189",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered the x86 KVM subsystem in the Linux kernel before 5.18.17. Unprivileged guest users can compromise the guest kernel because TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED situations.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
],
"title": "CVE-2022-39189"
},
{
"cve": "CVE-2022-40225",
"cwe": {
"id": "CWE-681",
"name": "Incorrect Conversion between Numeric Types"
},
"notes": [
{
"category": "summary",
"text": "Casting an internal value could lead to floating point exception under certain circumstances. This could allow an attacker to cause a denial of service condition on affected devices.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
],
"title": "CVE-2022-40225"
},
{
"cve": "CVE-2022-40303",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation fault.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
],
"title": "CVE-2022-40303"
},
{
"cve": "CVE-2022-40304",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
],
"title": "CVE-2022-40304"
},
{
"cve": "CVE-2022-45886",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_net.c has a .disconnect versus dvb_device_open race condition that leads to a use-after-free.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
],
"title": "CVE-2022-45886"
},
{
"cve": "CVE-2022-45887",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in the Linux kernel through 6.0.9. drivers/media/usb/ttusb-dec/ttusb_dec.c has a memory leak because of the lack of a dvb_frontend_detach call.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
],
"title": "CVE-2022-45887"
},
{
"cve": "CVE-2022-45919",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in the Linux kernel through 6.0.10. In drivers/media/dvb-core/dvb_ca_en50221.c, a use-after-free can occur is there is a disconnect after an open, because of the lack of a wait_event.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
],
"title": "CVE-2022-45919"
},
{
"cve": "CVE-2023-0160",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "summary",
"text": "A deadlock flaw was found in the Linux kernel\u2019s BPF subsystem. This flaw allows a local user to potentially crash the system.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
],
"title": "CVE-2023-0160"
},
{
"cve": "CVE-2023-0215",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter BIO onto the front of it to form a BIO chain, and then returns the new head of the BIO chain to the caller. Under certain conditions, for example if a CMS recipient public key is invalid, the new filter BIO is freed and the function returns a NULL result indicating a failure. However, in this case, the BIO chain is not properly cleaned up and the BIO passed by the caller still retains internal pointers to the previously freed filter BIO. If the caller then goes on to call BIO_pop() on the BIO then a use-after-free will occur. This will most likely result in a crash. This scenario occurs directly in the internal function B64_write_ASN1() which may cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on the BIO. This internal function is in turn called by the public API functions PEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream, SMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7. Other public API functions that may be impacted by this include i2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and i2d_PKCS7_bio_stream. The OpenSSL cms and smime command line applications are similarly affected.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
],
"title": "CVE-2023-0215"
},
{
"cve": "CVE-2023-0286",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
],
"title": "CVE-2023-0286"
},
{
"cve": "CVE-2023-0464",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"notes": [
{
"category": "summary",
"text": "A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy constraints. Attackers may be able to exploit this vulnerability by creating a malicious certificate chain that triggers exponential use of computational resources, leading to a denial-of-service (DoS) attack on affected systems.\r\n\r\nPolicy processing is disabled by default but can be enabled by passing the `-policy` argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()` function.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
],
"title": "CVE-2023-0464"
},
{
"cve": "CVE-2023-0465",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"notes": [
{
"category": "summary",
"text": "Applications that use a non-default option when verifying certificates may be\r\nvulnerable to an attack from a malicious CA to circumvent certain checks.\r\n\r\nInvalid certificate policies in leaf certificates are silently ignored by\r\nOpenSSL and other certificate policy checks are skipped for that certificate.\r\nA malicious CA could use this to deliberately assert invalid certificate policies\r\nin order to circumvent policy checking on the certificate altogether.\r\n\r\nPolicy processing is disabled by default but can be enabled by passing\r\nthe `-policy` argument to the command line utilities or by calling the\r\n`X509_VERIFY_PARAM_set1_policies()` function.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
],
"title": "CVE-2023-0465"
},
{
"cve": "CVE-2023-0466",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"notes": [
{
"category": "summary",
"text": "The function X509_VERIFY_PARAM_add0_policy() is documented to\nimplicitly enable the certificate policy check when doing certificate\nverification. However the implementation of the function does not\nenable the check which allows certificates with invalid or incorrect\npolicies to pass the certificate verification.\n\nAs suddenly enabling the policy check could break existing deployments it was\ndecided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy()\nfunction.\n\nInstead the applications that require OpenSSL to perform certificate\npolicy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly\nenable the policy check by calling X509_VERIFY_PARAM_set_flags() with\nthe X509_V_FLAG_POLICY_CHECK flag argument.\n\nCertificate policy checks are disabled by default in OpenSSL and are not\ncommonly used by applications.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
],
"title": "CVE-2023-0466"
},
{
"cve": "CVE-2023-1017",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "An out-of-bounds write vulnerability exists in TPM2.0\u0027s Module Library allowing writing of a 2-byte data past the end of TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can lead to denial of service (crashing the TPM chip/process or rendering it unusable) and/or arbitrary code execution in the TPM context.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
],
"title": "CVE-2023-1017"
},
{
"cve": "CVE-2023-2124",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "An out-of-bounds memory access flaw was found in the Linux kernel\u2019s XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user to crash or potentially escalate their privileges on the system.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
],
"title": "CVE-2023-2124"
},
{
"cve": "CVE-2023-2269",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "summary",
"text": "A denial of service problem was found, due to a possible recursive locking scenario, resulting in a deadlock in table_clear in drivers/md/dm-ioctl.c in the Linux Kernel Device Mapper-Multipathing sub-component.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
],
"title": "CVE-2023-2269"
},
{
"cve": "CVE-2023-21255",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "In multiple functions of binder.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
],
"title": "CVE-2023-21255"
},
{
"cve": "CVE-2023-27321",
"cwe": {
"id": "CWE-1325",
"name": "Improperly Controlled Sequential Memory Allocation"
},
"notes": [
{
"category": "summary",
"text": "OPC Foundation UA .NET Standard ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of OPC Foundation UA .NET Standard. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of OPC UA ConditionRefresh requests. By sending a large number of requests, an attacker can consume all available resources on the server. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-20505.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
],
"title": "CVE-2023-27321"
},
{
"cve": "CVE-2023-28319",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "A use after free vulnerability exists in curl \u003cv8.1.0 in the way libcurl offers a feature to verify an SSH server\u0027s public key using a SHA 256 hash. When this check fails, libcurl would free the memory for the fingerprint before it returns an error message containing the (now freed) hash. This flaw risks inserting sensitive heap-based data into the error message that might be shown to users or otherwise get leaked and revealed.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
],
"title": "CVE-2023-28319"
},
{
"cve": "CVE-2023-35788",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service or privilege escalation.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
],
"title": "CVE-2023-35788"
},
{
"cve": "CVE-2023-35823",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in saa7134_finidev in drivers/media/pci/saa7134/saa7134-core.c.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
],
"title": "CVE-2023-35823"
},
{
"cve": "CVE-2023-35824",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in dm1105_remove in drivers/media/pci/dm1105/dm1105.c.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
],
"title": "CVE-2023-35824"
},
{
"cve": "CVE-2023-35828",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in renesas_usb3_remove in drivers/usb/gadget/udc/renesas_usb3.c.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
],
"title": "CVE-2023-35828"
},
{
"cve": "CVE-2023-35829",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in rkvdec_remove in drivers/staging/media/rkvdec/rkvdec.c.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
],
"title": "CVE-2023-35829"
},
{
"cve": "CVE-2023-41910",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in lldpd before 1.0.17. By crafting a CDP PDU packet with specific CDP_TLV_ADDRESSES TLVs, a malicious actor can remotely force the lldpd daemon to perform an out-of-bounds read on heap memory. This occurs in cdp_decode in daemon/protocols/cdp.c.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
],
"title": "CVE-2023-41910"
},
{
"cve": "CVE-2023-50763",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "summary",
"text": "The web server of affected products, if configured to allow the import of PKCS12 containers, could end up in an infinite loop when processing incomplete certificate chains.\r\n\r\nThis could allow an authenticated remote attacker to create a denial of service condition by importing specially crafted PKCS12 containers.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
],
"title": "CVE-2023-50763"
},
{
"cve": "CVE-2023-52474",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix bugs with non-PAGE_SIZE-end multi-iovec user SDMA requests hfi1 user SDMA request processing has two bugs that can cause data corruption for user SDMA requests that have multiple payload iovecs where an iovec other than the tail iovec does not run up to the page boundary for the buffer pointed to by that iovec.a Here are the specific bugs: 1. user_sdma_txadd() does not use struct user_sdma_iovec-\u003eiov.iov_len. Rather, user_sdma_txadd() will add up to PAGE_SIZE bytes from iovec to the packet, even if some of those bytes are past iovec-\u003eiov.iov_len and are thus not intended to be in the packet. 2. user_sdma_txadd() and user_sdma_send_pkts() fail to advance to the next iovec in user_sdma_request-\u003eiovs when the current iovec is not PAGE_SIZE and does not contain enough data to complete the packet. The transmitted packet will contain the wrong data from the iovec pages. This has not been an issue with SDMA packets from hfi1 Verbs or PSM2 because they only produce iovecs that end short of PAGE_SIZE as the tail iovec of an SDMA request. Fixing these bugs exposes other bugs with the SDMA pin cache (struct mmu_rb_handler) that get in way of supporting user SDMA requests with multiple payload iovecs whose buffers do not end at PAGE_SIZE. So this commit fixes those issues as well. Here are the mmu_rb_handler bugs that non-PAGE_SIZE-end multi-iovec payload user SDMA requests can hit: 1. Overlapping memory ranges in mmu_rb_handler will result in duplicate pinnings. 2. When extending an existing mmu_rb_handler entry (struct mmu_rb_node), the mmu_rb code (1) removes the existing entry under a lock, (2) releases that lock, pins the new pages, (3) then reacquires the lock to insert the extended mmu_rb_node. If someone else comes in and inserts an overlapping entry between (2) and (3), insert in (3) will fail. The failure path code in this case unpins _all_ pages in either the original mmu_rb_node or the new mmu_rb_node that was inserted between (2) and (3). 3. In hfi1_mmu_rb_remove_unless_exact(), mmu_rb_node-\u003erefcount is incremented outside of mmu_rb_handler-\u003elock. As a result, mmu_rb_node could be evicted by another thread that gets mmu_rb_handler-\u003elock and checks mmu_rb_node-\u003erefcount before mmu_rb_node-\u003erefcount is incremented. 4. Related to #2 above, SDMA request submission failure path does not check mmu_rb_node-\u003erefcount before freeing mmu_rb_node object. If there are other SDMA requests in progress whose iovecs have pointers to the now-freed mmu_rb_node(s), those pointers to the now-freed mmu_rb nodes will be dereferenced when those SDMA requests complete.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
],
"title": "CVE-2023-52474"
},
{
"cve": "CVE-2024-0775",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "A use-after-free flaw was found in the __ext4_remount in fs/ext4/super.c in ext4 in the Linux kernel. This flaw allows a local user to cause an information leak problem while freeing the old quota file names before a potential failure, leading to a use-after-free.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
],
"title": "CVE-2024-0775"
}
]
}
MSRC_CVE-2024-0775
Vulnerability from csaf_microsoft - Published: 2024-01-01 08:00 - Updated: 2026-02-18 03:23Summary
Kernel: use-after-free while changing the mount option in __ext4_remount leading
Notes
Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
7.1 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 16838-17086 | — | ||
| Unresolved product id: 19673-17086 | — | ||
| Unresolved product id: 17095-17086 | — |
References
4 references
| URL | Category |
|---|---|
| https://msrc.microsoft.com/csaf/vex/2024/msrc_cve… | self |
| https://support.microsoft.com/lifecycle | external |
| https://www.first.org/cvss | external |
| https://msrc.microsoft.com/csaf/vex/2024/msrc_cve… | self |
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2024-0775 Kernel: use-after-free while changing the mount option in __ext4_remount leading - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2024/msrc_cve-2024-0775.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "Kernel: use-after-free while changing the mount option in __ext4_remount leading",
"tracking": {
"current_release_date": "2026-02-18T03:23:34.000Z",
"generator": {
"date": "2026-02-18T10:32:28.532Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2024-0775",
"initial_release_date": "2024-01-01T08:00:00.000Z",
"revision_history": [
{
"date": "2024-01-30T00:00:00.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
},
{
"date": "2026-02-18T03:23:34.000Z",
"legacy_version": "2",
"number": "2",
"summary": "Information published."
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "2.0",
"product": {
"name": "CBL Mariner 2.0",
"product_id": "17086"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003ccbl2 kernel 5.15.153.1-1",
"product": {
"name": "\u003ccbl2 kernel 5.15.153.1-1",
"product_id": "3"
}
},
{
"category": "product_version",
"name": "cbl2 kernel 5.15.153.1-1",
"product": {
"name": "cbl2 kernel 5.15.153.1-1",
"product_id": "16838"
}
},
{
"category": "product_version_range",
"name": "\u003ccbl2 kernel 5.15.180.1-1",
"product": {
"name": "\u003ccbl2 kernel 5.15.180.1-1",
"product_id": "1"
}
},
{
"category": "product_version",
"name": "cbl2 kernel 5.15.180.1-1",
"product": {
"name": "cbl2 kernel 5.15.180.1-1",
"product_id": "19673"
}
},
{
"category": "product_version_range",
"name": "\u003ccbl2 kernel 5.15.180.1-1",
"product": {
"name": "\u003ccbl2 kernel 5.15.180.1-1",
"product_id": "2"
}
},
{
"category": "product_version",
"name": "cbl2 kernel 5.15.180.1-1",
"product": {
"name": "cbl2 kernel 5.15.180.1-1",
"product_id": "17095"
}
}
],
"category": "product_name",
"name": "kernel"
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 kernel 5.15.153.1-1 as a component of CBL Mariner 2.0",
"product_id": "17086-3"
},
"product_reference": "3",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 kernel 5.15.153.1-1 as a component of CBL Mariner 2.0",
"product_id": "16838-17086"
},
"product_reference": "16838",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 kernel 5.15.180.1-1 as a component of CBL Mariner 2.0",
"product_id": "17086-1"
},
"product_reference": "1",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 kernel 5.15.180.1-1 as a component of CBL Mariner 2.0",
"product_id": "19673-17086"
},
"product_reference": "19673",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 kernel 5.15.180.1-1 as a component of CBL Mariner 2.0",
"product_id": "17086-2"
},
"product_reference": "2",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 kernel 5.15.180.1-1 as a component of CBL Mariner 2.0",
"product_id": "17095-17086"
},
"product_reference": "17095",
"relates_to_product_reference": "17086"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-0775",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "general",
"text": "redhat",
"title": "Assigning CNA"
}
],
"product_status": {
"fixed": [
"16838-17086",
"19673-17086",
"17095-17086"
],
"known_affected": [
"17086-3",
"17086-1",
"17086-2"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-0775 Kernel: use-after-free while changing the mount option in __ext4_remount leading - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2024/msrc_cve-2024-0775.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2024-01-30T00:00:00.000Z",
"details": "5.15.153.1-1:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17086-3",
"17086-1",
"17086-2"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalsScore": 0.0,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 7.1,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"17086-3",
"17086-1",
"17086-2"
]
}
],
"title": "Kernel: use-after-free while changing the mount option in __ext4_remount leading"
}
]
}
NCSC-2024-0246
Vulnerability from csaf_ncscnl - Published: 2024-06-11 13:29 - Updated: 2024-06-11 13:29Summary
Kwetsbaarheden verholpen in Siemens producten
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten: Siemens heeft kwetsbaarheden verholpen in diverse producten, zoals SCALANCE, SICAM, Tecnomatix, SITOP en PowerSys.
Interpretaties: De kwetsbaarheden stellen een kwaadwillende mogelijk in staat aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:
- Denial-of-Service (DoS)
- Manipulatie van gegevens
- Omzeilen van beveiligingsmaatregel
- (Remote) code execution (Administrator/Root rechten)
- (Remote) code execution (Gebruikersrechten)
- Toegang tot systeemgegevens
- Verhoogde gebruikersrechten
De kwaadwillende heeft hiervoor toegang nodig tot de productieomgeving. Het is goed gebruik een dergelijke omgeving niet publiek toegankelijk te hebben.
Oplossingen: Siemens heeft beveiligingsupdates uitgebracht om de kwetsbaarheden te verhelpen. Voor de kwetsbaarheden waar nog geen updates voor zijn, heeft Siemens mitigerende maatregelen gepubliceerd om de risico's zoveel als mogelijk te beperken. Zie de bijgevoegde referenties voor meer informatie.
Kans: medium
Schade: high
CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-121: Stack-based Buffer Overflow
CWE-122: Heap-based Buffer Overflow
CWE-1220: Insufficient Granularity of Access Control
CWE-123: Write-what-where Condition
CWE-125: Out-of-bounds Read
CWE-1333: Inefficient Regular Expression Complexity
CWE-170: Improper Null Termination
CWE-190: Integer Overflow or Wraparound
CWE-191: Integer Underflow (Wrap or Wraparound)
CWE-20: Improper Input Validation
CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CWE-269: Improper Privilege Management
CWE-287: Improper Authentication
CWE-295: Improper Certificate Validation
CWE-311: Missing Encryption of Sensitive Data
CWE-319: Cleartext Transmission of Sensitive Information
CWE-321: Use of Hard-coded Cryptographic Key
CWE-325: Missing Cryptographic Step
CWE-326: Inadequate Encryption Strength
CWE-328: Use of Weak Hash
CWE-330: Use of Insufficiently Random Values
CWE-349: Acceptance of Extraneous Untrusted Data With Trusted Data
CWE-352: Cross-Site Request Forgery (CSRF)
CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE-379: Creation of Temporary File in Directory with Insecure Permissions
CWE-400: Uncontrolled Resource Consumption
CWE-401: Missing Release of Memory after Effective Lifetime
CWE-404: Improper Resource Shutdown or Release
CWE-415: Double Free
CWE-416: Use After Free
CWE-476: NULL Pointer Dereference
CWE-522: Insufficiently Protected Credentials
CWE-567: Unsynchronized Access to Shared Data in a Multithreaded Context
CWE-613: Insufficient Session Expiration
CWE-614: Sensitive Cookie in HTTPS Session Without 'Secure' Attribute
CWE-664: Improper Control of a Resource Through its Lifetime
CWE-667: Improper Locking
CWE-704: Incorrect Type Conversion or Cast
CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE-749: Exposed Dangerous Method or Function
CWE-754: Improper Check for Unusual or Exceptional Conditions
CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE-787: Out-of-bounds Write
CWE-833: Deadlock
CWE-834: Excessive Iteration
CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')
CWE-94: Improper Control of Generation of Code ('Code Injection')
CWE-416
- Use After Free
CWE-20
- Improper Input Validation
CWE-20
- Improper Input Validation
CWE-20
- Improper Input Validation
CWE-20
- Improper Input Validation
CWE-20
- Improper Input Validation
CWE-1220
- Insufficient Granularity of Access Control
CWE-20
- Improper Input Validation
CWE-20
- Improper Input Validation
CWE-362
- Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE-77
- Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE-200
- Exposure of Sensitive Information to an Unauthorized Actor
CWE-787
- Out-of-bounds Write
CWE-416
- Use After Free
CWE-416
- Use After Free
CWE-362
- Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE-416
- Use After Free
CWE-400
- Uncontrolled Resource Consumption
CWE-20
- Improper Input Validation
CWE-400
- Uncontrolled Resource Consumption
CWE-20
- Improper Input Validation
CWE-787
- Out-of-bounds Write
CWE-787
- Out-of-bounds Write
CWE-311
- Missing Encryption of Sensitive Data
CWE-787
- Out-of-bounds Write
CWE-400
- Uncontrolled Resource Consumption
CWE-476
- NULL Pointer Dereference
CWE-404
- Improper Resource Shutdown or Release
CWE-404
- Improper Resource Shutdown or Release
CWE-401
- Missing Release of Memory after Effective Lifetime
CWE-379
- Creation of Temporary File in Directory with Insecure Permissions
CWE-119
- Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-125
- Out-of-bounds Read
CWE-349
- Acceptance of Extraneous Untrusted Data With Trusted Data
CWE-321
- Use of Hard-coded Cryptographic Key
CWE-328
- Use of Weak Hash
CWE-74
- Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE-567
- Unsynchronized Access to Shared Data in a Multithreaded Context
CWE-400
- Uncontrolled Resource Consumption
CWE-78
- Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE-835
- Loop with Unreachable Exit Condition ('Infinite Loop')
CWE-20
- Improper Input Validation
CWE-20
- Improper Input Validation
CWE-170
- Improper Null Termination
CWE-269
- Improper Privilege Management
CWE-613
- Insufficient Session Expiration
CWE-352
- Cross-Site Request Forgery (CSRF)
CWE-522
- Insufficiently Protected Credentials
CWE-749
- Exposed Dangerous Method or Function
CWE-319
- Cleartext Transmission of Sensitive Information
CWE-614
- Sensitive Cookie in HTTPS Session Without 'Secure' Attribute
CWE-20
- Improper Input Validation
CWE-330
- Use of Insufficiently Random Values
7.8 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
tecnomatix_plant_simulation
siemens
|
cpe:2.3:a:siemens:tecnomatix_plant_simulation:*:*:*:*:*:*:*:*
|
— |
CWE-287
- Improper Authentication
CWE-121
- Stack-based Buffer Overflow
CWE-787
- Out-of-bounds Write
CWE-326
- Inadequate Encryption Strength
CWE-119
- Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-119
- Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-123
- Write-what-where Condition
CWE-74
- Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE-326
- Inadequate Encryption Strength
CWE-415
- Double Free
CWE-74
- Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE-416
- Use After Free
CWE-681
- Incorrect Conversion between Numeric Types
CWE-190
- Integer Overflow or Wraparound
CWE-415
- Double Free
CWE-787
- Out-of-bounds Write
CWE-667
- Improper Locking
CWE-667
- Improper Locking
CWE-476
- NULL Pointer Dereference
CWE-476
- NULL Pointer Dereference
CWE-416
- Use After Free
CWE-401
- Missing Release of Memory after Effective Lifetime
CWE-416
- Use After Free
CWE-664
- Improper Control of a Resource Through its Lifetime
CWE-833
- Deadlock
CWE-416
- Use After Free
CWE-704
- Incorrect Type Conversion or Cast
CWE-295
- Improper Certificate Validation
CWE-295
- Improper Certificate Validation
CWE-295
- Improper Certificate Validation
CWE-787
- Out-of-bounds Write
CWE-787
- Out-of-bounds Write
CWE-667
- Improper Locking
CWE-404
- Improper Resource Shutdown or Release
CWE-404
- Improper Resource Shutdown or Release
CWE-754
- Improper Check for Unusual or Exceptional Conditions
CWE-416
- Use After Free
CWE-20
- Improper Input Validation
CWE-20
- Improper Input Validation
CWE-20
- Improper Input Validation
CWE-20
- Improper Input Validation
CWE-787
- Out-of-bounds Write
CWE-787
- Out-of-bounds Write
CWE-787
- Out-of-bounds Write
CWE-400
- Uncontrolled Resource Consumption
CWE-20
- Improper Input Validation
References
113 references
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Siemens heeft kwetsbaarheden verholpen in diverse producten, zoals SCALANCE, SICAM, Tecnomatix, SITOP en PowerSys.",
"title": "Feiten"
},
{
"category": "description",
"text": "De kwetsbaarheden stellen een kwaadwillende mogelijk in staat aanvallen uit te voeren die kunnen leiden tot de volgende categorie\u00ebn schade:\n\n- Denial-of-Service (DoS)\n- Manipulatie van gegevens\n- Omzeilen van beveiligingsmaatregel\n- (Remote) code execution (Administrator/Root rechten)\n- (Remote) code execution (Gebruikersrechten)\n- Toegang tot systeemgegevens\n- Verhoogde gebruikersrechten\n\nDe kwaadwillende heeft hiervoor toegang nodig tot de productieomgeving. Het is goed gebruik een dergelijke omgeving niet publiek toegankelijk te hebben.\n",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Siemens heeft beveiligingsupdates uitgebracht om de kwetsbaarheden te verhelpen. Voor de kwetsbaarheden waar nog geen updates voor zijn, heeft Siemens mitigerende maatregelen gepubliceerd om de risico\u0027s zoveel als mogelijk te beperken. Zie de bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
},
{
"category": "general",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
},
{
"category": "general",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "general",
"text": "Insufficient Granularity of Access Control",
"title": "CWE-1220"
},
{
"category": "general",
"text": "Write-what-where Condition",
"title": "CWE-123"
},
{
"category": "general",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "general",
"text": "Inefficient Regular Expression Complexity",
"title": "CWE-1333"
},
{
"category": "general",
"text": "Improper Null Termination",
"title": "CWE-170"
},
{
"category": "general",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "general",
"text": "Integer Underflow (Wrap or Wraparound)",
"title": "CWE-191"
},
{
"category": "general",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "general",
"text": "Improper Privilege Management",
"title": "CWE-269"
},
{
"category": "general",
"text": "Improper Authentication",
"title": "CWE-287"
},
{
"category": "general",
"text": "Improper Certificate Validation",
"title": "CWE-295"
},
{
"category": "general",
"text": "Missing Encryption of Sensitive Data",
"title": "CWE-311"
},
{
"category": "general",
"text": "Cleartext Transmission of Sensitive Information",
"title": "CWE-319"
},
{
"category": "general",
"text": "Use of Hard-coded Cryptographic Key",
"title": "CWE-321"
},
{
"category": "general",
"text": "Missing Cryptographic Step",
"title": "CWE-325"
},
{
"category": "general",
"text": "Inadequate Encryption Strength",
"title": "CWE-326"
},
{
"category": "general",
"text": "Use of Weak Hash",
"title": "CWE-328"
},
{
"category": "general",
"text": "Use of Insufficiently Random Values",
"title": "CWE-330"
},
{
"category": "general",
"text": "Acceptance of Extraneous Untrusted Data With Trusted Data",
"title": "CWE-349"
},
{
"category": "general",
"text": "Cross-Site Request Forgery (CSRF)",
"title": "CWE-352"
},
{
"category": "general",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
},
{
"category": "general",
"text": "Creation of Temporary File in Directory with Insecure Permissions",
"title": "CWE-379"
},
{
"category": "general",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "Missing Release of Memory after Effective Lifetime",
"title": "CWE-401"
},
{
"category": "general",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "general",
"text": "Double Free",
"title": "CWE-415"
},
{
"category": "general",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "general",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "general",
"text": "Insufficiently Protected Credentials",
"title": "CWE-522"
},
{
"category": "general",
"text": "Unsynchronized Access to Shared Data in a Multithreaded Context",
"title": "CWE-567"
},
{
"category": "general",
"text": "Insufficient Session Expiration",
"title": "CWE-613"
},
{
"category": "general",
"text": "Sensitive Cookie in HTTPS Session Without \u0027Secure\u0027 Attribute",
"title": "CWE-614"
},
{
"category": "general",
"text": "Improper Control of a Resource Through its Lifetime",
"title": "CWE-664"
},
{
"category": "general",
"text": "Improper Locking",
"title": "CWE-667"
},
{
"category": "general",
"text": "Incorrect Type Conversion or Cast",
"title": "CWE-704"
},
{
"category": "general",
"text": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
"title": "CWE-74"
},
{
"category": "general",
"text": "Exposed Dangerous Method or Function",
"title": "CWE-749"
},
{
"category": "general",
"text": "Improper Check for Unusual or Exceptional Conditions",
"title": "CWE-754"
},
{
"category": "general",
"text": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"title": "CWE-77"
},
{
"category": "general",
"text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"title": "CWE-78"
},
{
"category": "general",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "general",
"text": "Deadlock",
"title": "CWE-833"
},
{
"category": "general",
"text": "Excessive Iteration",
"title": "CWE-834"
},
{
"category": "general",
"text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"title": "CWE-835"
},
{
"category": "general",
"text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"title": "CWE-94"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference - ncscclear; siemens",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-024584.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear; siemens",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-196737.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear; siemens",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-238730.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear; siemens",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-319319.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear; siemens",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-337522.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear; siemens",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-341067.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear; siemens",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-481506.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear; siemens",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-540640.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear; siemens",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-620338.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear; siemens",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-625862.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear; siemens",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-690517.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear; siemens",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-879734.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear; siemens",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-900277.pdf"
}
],
"title": "Kwetsbaarheden verholpen in Siemens producten",
"tracking": {
"current_release_date": "2024-06-11T13:29:25.912614Z",
"id": "NCSC-2024-0246",
"initial_release_date": "2024-06-11T13:29:25.912614Z",
"revision_history": [
{
"date": "2024-06-11T13:29:25.912614Z",
"number": "0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "mendix",
"product": {
"name": "mendix",
"product_id": "CSAFPID-538452",
"product_identification_helper": {
"cpe": "cpe:2.3:a:siemens:mendix:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "simatic",
"product": {
"name": "simatic",
"product_id": "CSAFPID-166121",
"product_identification_helper": {
"cpe": "cpe:2.3:a:siemens:simatic:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sinec-nms",
"product": {
"name": "sinec-nms",
"product_id": "CSAFPID-163798",
"product_identification_helper": {
"cpe": "cpe:2.3:a:siemens:sinec-nms:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "tecnomatix_plant_simulation",
"product": {
"name": "tecnomatix_plant_simulation",
"product_id": "CSAFPID-166120",
"product_identification_helper": {
"cpe": "cpe:2.3:a:siemens:tecnomatix_plant_simulation:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "tia_administrator",
"product": {
"name": "tia_administrator",
"product_id": "CSAFPID-766096",
"product_identification_helper": {
"cpe": "cpe:2.3:a:siemens:tia_administrator:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "scalance_w700",
"product": {
"name": "scalance_w700",
"product_id": "CSAFPID-1009262",
"product_identification_helper": {
"cpe": "cpe:2.3:h:siemens:scalance_w700:-:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "scalance_xm-400",
"product": {
"name": "scalance_xm-400",
"product_id": "CSAFPID-1014214",
"product_identification_helper": {
"cpe": "cpe:2.3:h:siemens:scalance_xm-400:-:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "scalance_xr-500",
"product": {
"name": "scalance_xr-500",
"product_id": "CSAFPID-1014213",
"product_identification_helper": {
"cpe": "cpe:2.3:h:siemens:scalance_xr-500:-:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sicam_ak_3",
"product": {
"name": "sicam_ak_3",
"product_id": "CSAFPID-1007975",
"product_identification_helper": {
"cpe": "cpe:2.3:h:siemens:sicam_ak_3:-:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sicam_bc",
"product": {
"name": "sicam_bc",
"product_id": "CSAFPID-1007979",
"product_identification_helper": {
"cpe": "cpe:2.3:h:siemens:sicam_bc:-:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sicam_tm",
"product": {
"name": "sicam_tm",
"product_id": "CSAFPID-1007978",
"product_identification_helper": {
"cpe": "cpe:2.3:h:siemens:sicam_tm:-:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "siplus_tim_1531_irc",
"product": {
"name": "siplus_tim_1531_irc",
"product_id": "CSAFPID-1326635",
"product_identification_helper": {
"cpe": "cpe:2.3:h:siemens:siplus_tim_1531_irc:-:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sitop_ups1600",
"product": {
"name": "sitop_ups1600",
"product_id": "CSAFPID-1037908",
"product_identification_helper": {
"cpe": "cpe:2.3:h:siemens:sitop_ups1600:-:*:*:*:*:*:*:*"
}
}
}
],
"category": "vendor",
"name": "siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-28319",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-28319",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-28319.json"
}
],
"title": "CVE-2023-28319"
},
{
"cve": "CVE-2023-28484",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-28484",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-28484.json"
}
],
"title": "CVE-2023-28484"
},
{
"cve": "CVE-2023-29331",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-29331",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-29331.json"
}
],
"title": "CVE-2023-29331"
},
{
"cve": "CVE-2023-29469",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Double Free",
"title": "CWE-415"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-29469",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-29469.json"
}
],
"title": "CVE-2023-29469"
},
{
"cve": "CVE-2023-32032",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-32032",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-32032.json"
}
],
"title": "CVE-2023-32032"
},
{
"cve": "CVE-2023-33126",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-33126",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-33126.json"
}
],
"title": "CVE-2023-33126"
},
{
"cve": "CVE-2023-33127",
"cwe": {
"id": "CWE-1220",
"name": "Insufficient Granularity of Access Control"
},
"notes": [
{
"category": "other",
"text": "Insufficient Granularity of Access Control",
"title": "CWE-1220"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-33127",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-33127.json"
}
],
"title": "CVE-2023-33127"
},
{
"cve": "CVE-2023-33128",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-33128",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-33128.json"
}
],
"title": "CVE-2023-33128"
},
{
"cve": "CVE-2023-33135",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-33135",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-33135.json"
}
],
"title": "CVE-2023-33135"
},
{
"cve": "CVE-2023-33170",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-33170",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-33170.json"
}
],
"title": "CVE-2023-33170"
},
{
"cve": "CVE-2023-35390",
"cwe": {
"id": "CWE-77",
"name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"title": "CWE-77"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-35390",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-35390.json"
}
],
"title": "CVE-2023-35390"
},
{
"cve": "CVE-2023-35391",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-35391",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-35391.json"
}
],
"title": "CVE-2023-35391"
},
{
"cve": "CVE-2023-35788",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-35788",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-35788.json"
}
],
"title": "CVE-2023-35788"
},
{
"cve": "CVE-2023-35823",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-35823",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-35823.json"
}
],
"title": "CVE-2023-35823"
},
{
"cve": "CVE-2023-35824",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-35824",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-35824.json"
}
],
"title": "CVE-2023-35824"
},
{
"cve": "CVE-2023-35828",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-35828",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-35828.json"
}
],
"title": "CVE-2023-35828"
},
{
"cve": "CVE-2023-35829",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-35829",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-35829.json"
}
],
"title": "CVE-2023-35829"
},
{
"cve": "CVE-2023-36038",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-36038",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-36038.json"
}
],
"title": "CVE-2023-36038"
},
{
"cve": "CVE-2023-36049",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"title": "CWE-94"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-36049",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-36049.json"
}
],
"title": "CVE-2023-36049"
},
{
"cve": "CVE-2023-36435",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Missing Release of Memory after Effective Lifetime",
"title": "CWE-401"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-36435",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-36435.json"
}
],
"title": "CVE-2023-36435"
},
{
"cve": "CVE-2023-36558",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-36558",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-36558.json"
}
],
"title": "CVE-2023-36558"
},
{
"cve": "CVE-2023-36792",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "other",
"text": "Missing Encryption of Sensitive Data",
"title": "CWE-311"
},
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-36792",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-36792.json"
}
],
"title": "CVE-2023-36792"
},
{
"cve": "CVE-2023-36793",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "other",
"text": "Missing Encryption of Sensitive Data",
"title": "CWE-311"
},
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-36793",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-36793.json"
}
],
"title": "CVE-2023-36793"
},
{
"cve": "CVE-2023-36794",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "other",
"text": "Missing Encryption of Sensitive Data",
"title": "CWE-311"
},
{
"category": "other",
"text": "Integer Underflow (Wrap or Wraparound)",
"title": "CWE-191"
},
{
"category": "other",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-36794",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-36794.json"
}
],
"title": "CVE-2023-36794"
},
{
"cve": "CVE-2023-36796",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "other",
"text": "Missing Encryption of Sensitive Data",
"title": "CWE-311"
},
{
"category": "other",
"text": "Integer Underflow (Wrap or Wraparound)",
"title": "CWE-191"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-36796",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-36796.json"
}
],
"title": "CVE-2023-36796"
},
{
"cve": "CVE-2023-36799",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-36799",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-36799.json"
}
],
"title": "CVE-2023-36799"
},
{
"cve": "CVE-2023-38171",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-38171",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-38171.json"
}
],
"title": "CVE-2023-38171"
},
{
"cve": "CVE-2023-38178",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-38178",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-38178.json"
}
],
"title": "CVE-2023-38178"
},
{
"cve": "CVE-2023-38180",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-38180",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-38180.json"
}
],
"title": "CVE-2023-38180"
},
{
"cve": "CVE-2023-38380",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"notes": [
{
"category": "other",
"text": "Missing Release of Memory after Effective Lifetime",
"title": "CWE-401"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-38380",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-38380.json"
}
],
"title": "CVE-2023-38380"
},
{
"cve": "CVE-2023-38533",
"cwe": {
"id": "CWE-379",
"name": "Creation of Temporary File in Directory with Insecure Permissions"
},
"notes": [
{
"category": "other",
"text": "Creation of Temporary File in Directory with Insecure Permissions",
"title": "CWE-379"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-38533",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-38533.json"
}
],
"title": "CVE-2023-38533"
},
{
"cve": "CVE-2023-39615",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "other",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-39615",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-39615.json"
}
],
"title": "CVE-2023-39615"
},
{
"cve": "CVE-2023-41910",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-41910",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-41910.json"
}
],
"title": "CVE-2023-41910"
},
{
"cve": "CVE-2023-44317",
"cwe": {
"id": "CWE-349",
"name": "Acceptance of Extraneous Untrusted Data With Trusted Data"
},
"notes": [
{
"category": "other",
"text": "Acceptance of Extraneous Untrusted Data With Trusted Data",
"title": "CWE-349"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-44317",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44317.json"
}
],
"title": "CVE-2023-44317"
},
{
"cve": "CVE-2023-44318",
"cwe": {
"id": "CWE-321",
"name": "Use of Hard-coded Cryptographic Key"
},
"notes": [
{
"category": "other",
"text": "Use of Hard-coded Cryptographic Key",
"title": "CWE-321"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-44318",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44318.json"
}
],
"title": "CVE-2023-44318"
},
{
"cve": "CVE-2023-44319",
"cwe": {
"id": "CWE-328",
"name": "Use of Weak Hash"
},
"notes": [
{
"category": "other",
"text": "Use of Weak Hash",
"title": "CWE-328"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-44319",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44319.json"
}
],
"title": "CVE-2023-44319"
},
{
"cve": "CVE-2023-44373",
"cwe": {
"id": "CWE-74",
"name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
"title": "CWE-74"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-44373",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44373.json"
}
],
"title": "CVE-2023-44373"
},
{
"cve": "CVE-2023-44374",
"cwe": {
"id": "CWE-567",
"name": "Unsynchronized Access to Shared Data in a Multithreaded Context"
},
"notes": [
{
"category": "other",
"text": "Unsynchronized Access to Shared Data in a Multithreaded Context",
"title": "CWE-567"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-44374",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44374.json"
}
],
"title": "CVE-2023-44374"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-44487",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44487.json"
}
],
"title": "CVE-2023-44487"
},
{
"cve": "CVE-2023-49691",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"title": "CWE-78"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-49691",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-49691.json"
}
],
"title": "CVE-2023-49691"
},
{
"cve": "CVE-2023-50763",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "other",
"text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"title": "CWE-835"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-50763",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-50763.json"
}
],
"title": "CVE-2023-50763"
},
{
"cve": "CVE-2023-52474",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-52474",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52474.json"
}
],
"title": "CVE-2023-52474"
},
{
"cve": "CVE-2024-0775",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-0775",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-0775.json"
}
],
"title": "CVE-2024-0775"
},
{
"cve": "CVE-2024-31484",
"cwe": {
"id": "CWE-170",
"name": "Improper Null Termination"
},
"notes": [
{
"category": "other",
"text": "Improper Null Termination",
"title": "CWE-170"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-31484",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-31484.json"
}
],
"title": "CVE-2024-31484"
},
{
"cve": "CVE-2024-33500",
"cwe": {
"id": "CWE-269",
"name": "Improper Privilege Management"
},
"notes": [
{
"category": "other",
"text": "Improper Privilege Management",
"title": "CWE-269"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-33500",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-33500.json"
}
],
"title": "CVE-2024-33500"
},
{
"cve": "CVE-2024-35206",
"cwe": {
"id": "CWE-613",
"name": "Insufficient Session Expiration"
},
"notes": [
{
"category": "other",
"text": "Insufficient Session Expiration",
"title": "CWE-613"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-35206",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35206.json"
}
],
"title": "CVE-2024-35206"
},
{
"cve": "CVE-2024-35207",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"notes": [
{
"category": "other",
"text": "Cross-Site Request Forgery (CSRF)",
"title": "CWE-352"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-35207",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35207.json"
}
],
"title": "CVE-2024-35207"
},
{
"cve": "CVE-2024-35208",
"cwe": {
"id": "CWE-522",
"name": "Insufficiently Protected Credentials"
},
"notes": [
{
"category": "other",
"text": "Insufficiently Protected Credentials",
"title": "CWE-522"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-35208",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35208.json"
}
],
"title": "CVE-2024-35208"
},
{
"cve": "CVE-2024-35209",
"cwe": {
"id": "CWE-749",
"name": "Exposed Dangerous Method or Function"
},
"notes": [
{
"category": "other",
"text": "Exposed Dangerous Method or Function",
"title": "CWE-749"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-35209",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35209.json"
}
],
"title": "CVE-2024-35209"
},
{
"cve": "CVE-2024-35210",
"cwe": {
"id": "CWE-319",
"name": "Cleartext Transmission of Sensitive Information"
},
"notes": [
{
"category": "other",
"text": "Cleartext Transmission of Sensitive Information",
"title": "CWE-319"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-35210",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35210.json"
}
],
"title": "CVE-2024-35210"
},
{
"cve": "CVE-2024-35211",
"cwe": {
"id": "CWE-614",
"name": "Sensitive Cookie in HTTPS Session Without \u0027Secure\u0027 Attribute"
},
"notes": [
{
"category": "other",
"text": "Sensitive Cookie in HTTPS Session Without \u0027Secure\u0027 Attribute",
"title": "CWE-614"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-35211",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35211.json"
}
],
"title": "CVE-2024-35211"
},
{
"cve": "CVE-2024-35212",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-35212",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35212.json"
}
],
"title": "CVE-2024-35212"
},
{
"cve": "CVE-2024-35292",
"cwe": {
"id": "CWE-330",
"name": "Use of Insufficiently Random Values"
},
"notes": [
{
"category": "other",
"text": "Use of Insufficiently Random Values",
"title": "CWE-330"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-35292",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35292.json"
}
],
"title": "CVE-2024-35292"
},
{
"cve": "CVE-2024-35303",
"cwe": {
"id": "CWE-704",
"name": "Incorrect Type Conversion or Cast"
},
"notes": [
{
"category": "other",
"text": "Incorrect Type Conversion or Cast",
"title": "CWE-704"
}
],
"product_status": {
"known_affected": [
"CSAFPID-166120"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-35303",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35303.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-166120"
]
}
],
"title": "CVE-2024-35303"
},
{
"cve": "CVE-2024-36266",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"notes": [
{
"category": "other",
"text": "Improper Authentication",
"title": "CWE-287"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-36266",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36266.json"
}
],
"title": "CVE-2024-36266"
},
{
"cve": "CVE-2021-47178",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2021-47178",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-47178.json"
}
],
"title": "CVE-2021-47178"
},
{
"cve": "CVE-2022-1015",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-1015",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-1015.json"
}
],
"title": "CVE-2022-1015"
},
{
"cve": "CVE-2022-2097",
"cwe": {
"id": "CWE-326",
"name": "Inadequate Encryption Strength"
},
"notes": [
{
"category": "other",
"text": "Inadequate Encryption Strength",
"title": "CWE-326"
},
{
"category": "other",
"text": "Missing Cryptographic Step",
"title": "CWE-325"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-2097",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-2097.json"
}
],
"title": "CVE-2022-2097"
},
{
"cve": "CVE-2022-3435",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "other",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
},
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-3435",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-3435.json"
}
],
"title": "CVE-2022-3435"
},
{
"cve": "CVE-2022-3545",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "other",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
},
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-3545",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-3545.json"
}
],
"title": "CVE-2022-3545"
},
{
"cve": "CVE-2022-3623",
"cwe": {
"id": "CWE-123",
"name": "Write-what-where Condition"
},
"notes": [
{
"category": "other",
"text": "Write-what-where Condition",
"title": "CWE-123"
},
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-3623",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-3623.json"
}
],
"title": "CVE-2022-3623"
},
{
"cve": "CVE-2022-3643",
"cwe": {
"id": "CWE-74",
"name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
"title": "CWE-74"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-3643",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-3643.json"
}
],
"title": "CVE-2022-3643"
},
{
"cve": "CVE-2022-4304",
"cwe": {
"id": "CWE-326",
"name": "Inadequate Encryption Strength"
},
"notes": [
{
"category": "other",
"text": "Inadequate Encryption Strength",
"title": "CWE-326"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-4304",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-4304.json"
}
],
"title": "CVE-2022-4304"
},
{
"cve": "CVE-2022-4450",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "other",
"text": "Double Free",
"title": "CWE-415"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-4450",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-4450.json"
}
],
"title": "CVE-2022-4450"
},
{
"cve": "CVE-2022-36323",
"cwe": {
"id": "CWE-74",
"name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
"title": "CWE-74"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-36323",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-36323.json"
}
],
"title": "CVE-2022-36323"
},
{
"cve": "CVE-2022-39189",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "other",
"text": "Missing Encryption of Sensitive Data",
"title": "CWE-311"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-39189",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-39189.json"
}
],
"title": "CVE-2022-39189"
},
{
"cve": "CVE-2022-40225",
"cwe": {
"id": "CWE-681",
"name": "Incorrect Conversion between Numeric Types"
},
"notes": [
{
"category": "other",
"text": "Incorrect Conversion between Numeric Types",
"title": "CWE-681"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-40225",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-40225.json"
}
],
"title": "CVE-2022-40225"
},
{
"cve": "CVE-2022-40303",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-40303",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-40303.json"
}
],
"title": "CVE-2022-40303"
},
{
"cve": "CVE-2022-40304",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "other",
"text": "Double Free",
"title": "CWE-415"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-40304",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-40304.json"
}
],
"title": "CVE-2022-40304"
},
{
"cve": "CVE-2022-41742",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-41742",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-41742.json"
}
],
"title": "CVE-2022-41742"
},
{
"cve": "CVE-2022-42328",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "other",
"text": "Improper Locking",
"title": "CWE-667"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-42328",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-42328.json"
}
],
"title": "CVE-2022-42328"
},
{
"cve": "CVE-2022-42329",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "other",
"text": "Improper Locking",
"title": "CWE-667"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-42329",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-42329.json"
}
],
"title": "CVE-2022-42329"
},
{
"cve": "CVE-2022-44792",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-44792",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-44792.json"
}
],
"title": "CVE-2022-44792"
},
{
"cve": "CVE-2022-44793",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-44793",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-44793.json"
}
],
"title": "CVE-2022-44793"
},
{
"cve": "CVE-2022-45886",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-45886",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-45886.json"
}
],
"title": "CVE-2022-45886"
},
{
"cve": "CVE-2022-45887",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"notes": [
{
"category": "other",
"text": "Missing Release of Memory after Effective Lifetime",
"title": "CWE-401"
},
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-45887",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-45887.json"
}
],
"title": "CVE-2022-45887"
},
{
"cve": "CVE-2022-45919",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-45919",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-45919.json"
}
],
"title": "CVE-2022-45919"
},
{
"cve": "CVE-2022-46144",
"cwe": {
"id": "CWE-664",
"name": "Improper Control of a Resource Through its Lifetime"
},
"notes": [
{
"category": "other",
"text": "Improper Control of a Resource Through its Lifetime",
"title": "CWE-664"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-46144",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-46144.json"
}
],
"title": "CVE-2022-46144"
},
{
"cve": "CVE-2023-0160",
"cwe": {
"id": "CWE-833",
"name": "Deadlock"
},
"notes": [
{
"category": "other",
"text": "Deadlock",
"title": "CWE-833"
},
{
"category": "other",
"text": "Improper Locking",
"title": "CWE-667"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-0160",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-0160.json"
}
],
"title": "CVE-2023-0160"
},
{
"cve": "CVE-2023-0215",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-0215",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-0215.json"
}
],
"title": "CVE-2023-0215"
},
{
"cve": "CVE-2023-0286",
"cwe": {
"id": "CWE-704",
"name": "Incorrect Type Conversion or Cast"
},
"notes": [
{
"category": "other",
"text": "Incorrect Type Conversion or Cast",
"title": "CWE-704"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-0286",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-0286.json"
}
],
"title": "CVE-2023-0286"
},
{
"cve": "CVE-2023-0464",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Certificate Validation",
"title": "CWE-295"
},
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-0464",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-0464.json"
}
],
"title": "CVE-2023-0464"
},
{
"cve": "CVE-2023-0465",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Certificate Validation",
"title": "CWE-295"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-0465",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-0465.json"
}
],
"title": "CVE-2023-0465"
},
{
"cve": "CVE-2023-0466",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Certificate Validation",
"title": "CWE-295"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-0466",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-0466.json"
}
],
"title": "CVE-2023-0466"
},
{
"cve": "CVE-2023-1017",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-1017",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-1017.json"
}
],
"title": "CVE-2023-1017"
},
{
"cve": "CVE-2023-2124",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-2124",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-2124.json"
}
],
"title": "CVE-2023-2124"
},
{
"cve": "CVE-2023-2269",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "other",
"text": "Improper Locking",
"title": "CWE-667"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-2269",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-2269.json"
}
],
"title": "CVE-2023-2269"
},
{
"cve": "CVE-2023-3446",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Inefficient Regular Expression Complexity",
"title": "CWE-1333"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-3446",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-3446.json"
}
],
"title": "CVE-2023-3446"
},
{
"cve": "CVE-2023-3817",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Excessive Iteration",
"title": "CWE-834"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-3817",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-3817.json"
}
],
"title": "CVE-2023-3817"
},
{
"cve": "CVE-2023-5678",
"cwe": {
"id": "CWE-754",
"name": "Improper Check for Unusual or Exceptional Conditions"
},
"notes": [
{
"category": "other",
"text": "Improper Check for Unusual or Exceptional Conditions",
"title": "CWE-754"
},
{
"category": "other",
"text": "Missing Cryptographic Step",
"title": "CWE-325"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-5678",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5678.json"
}
],
"title": "CVE-2023-5678"
},
{
"cve": "CVE-2023-21255",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-21255",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-21255.json"
}
],
"title": "CVE-2023-21255"
},
{
"cve": "CVE-2023-21808",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-21808",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-21808.json"
}
],
"title": "CVE-2023-21808"
},
{
"cve": "CVE-2023-24895",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-24895",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-24895.json"
}
],
"title": "CVE-2023-24895"
},
{
"cve": "CVE-2023-24897",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-24897",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-24897.json"
}
],
"title": "CVE-2023-24897"
},
{
"cve": "CVE-2023-24936",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-24936",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-24936.json"
}
],
"title": "CVE-2023-24936"
},
{
"cve": "CVE-2023-26552",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-26552",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26552.json"
}
],
"title": "CVE-2023-26552"
},
{
"cve": "CVE-2023-26553",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-26553",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26553.json"
}
],
"title": "CVE-2023-26553"
},
{
"cve": "CVE-2023-26554",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-26554",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26554.json"
}
],
"title": "CVE-2023-26554"
},
{
"cve": "CVE-2023-27321",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-27321",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-27321.json"
}
],
"title": "CVE-2023-27321"
},
{
"cve": "CVE-2023-28260",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-28260",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-28260.json"
}
],
"title": "CVE-2023-28260"
}
]
}
OPENSUSE-SU-2024:14314-1
Vulnerability from csaf_opensuse - Published: 2024-09-05 00:00 - Updated: 2024-09-05 00:00Summary
klp-build-0~20240902.c95cc9e-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: klp-build-0~20240902.c95cc9e-1.1 on GA media
Description of the patch: These are all security issues fixed in the klp-build-0~20240902.c95cc9e-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-14314
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.1 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:klp-build-0~20240902.c95cc9e-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:klp-build-0~20240902.c95cc9e-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:klp-build-0~20240902.c95cc9e-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:klp-build-0~20240902.c95cc9e-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:klp-build-0~20240902.c95cc9e-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:klp-build-0~20240902.c95cc9e-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:klp-build-0~20240902.c95cc9e-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:klp-build-0~20240902.c95cc9e-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:klp-build-0~20240902.c95cc9e-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:klp-build-0~20240902.c95cc9e-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:klp-build-0~20240902.c95cc9e-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:klp-build-0~20240902.c95cc9e-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
16 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "klp-build-0~20240902.c95cc9e-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the klp-build-0~20240902.c95cc9e-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-14314",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_14314-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-0775 page",
"url": "https://www.suse.com/security/cve/CVE-2024-0775/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35817 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35817/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36921 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36921/"
}
],
"title": "klp-build-0~20240902.c95cc9e-1.1 on GA media",
"tracking": {
"current_release_date": "2024-09-05T00:00:00Z",
"generator": {
"date": "2024-09-05T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:14314-1",
"initial_release_date": "2024-09-05T00:00:00Z",
"revision_history": [
{
"date": "2024-09-05T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "klp-build-0~20240902.c95cc9e-1.1.aarch64",
"product": {
"name": "klp-build-0~20240902.c95cc9e-1.1.aarch64",
"product_id": "klp-build-0~20240902.c95cc9e-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "klp-build-0~20240902.c95cc9e-1.1.ppc64le",
"product": {
"name": "klp-build-0~20240902.c95cc9e-1.1.ppc64le",
"product_id": "klp-build-0~20240902.c95cc9e-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "klp-build-0~20240902.c95cc9e-1.1.s390x",
"product": {
"name": "klp-build-0~20240902.c95cc9e-1.1.s390x",
"product_id": "klp-build-0~20240902.c95cc9e-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "klp-build-0~20240902.c95cc9e-1.1.x86_64",
"product": {
"name": "klp-build-0~20240902.c95cc9e-1.1.x86_64",
"product_id": "klp-build-0~20240902.c95cc9e-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "klp-build-0~20240902.c95cc9e-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:klp-build-0~20240902.c95cc9e-1.1.aarch64"
},
"product_reference": "klp-build-0~20240902.c95cc9e-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "klp-build-0~20240902.c95cc9e-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:klp-build-0~20240902.c95cc9e-1.1.ppc64le"
},
"product_reference": "klp-build-0~20240902.c95cc9e-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "klp-build-0~20240902.c95cc9e-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:klp-build-0~20240902.c95cc9e-1.1.s390x"
},
"product_reference": "klp-build-0~20240902.c95cc9e-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "klp-build-0~20240902.c95cc9e-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:klp-build-0~20240902.c95cc9e-1.1.x86_64"
},
"product_reference": "klp-build-0~20240902.c95cc9e-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-0775",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-0775"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free flaw was found in the __ext4_remount in fs/ext4/super.c in ext4 in the Linux kernel. This flaw allows a local user to cause an information leak problem while freeing the old quota file names before a potential failure, leading to a use-after-free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:klp-build-0~20240902.c95cc9e-1.1.aarch64",
"openSUSE Tumbleweed:klp-build-0~20240902.c95cc9e-1.1.ppc64le",
"openSUSE Tumbleweed:klp-build-0~20240902.c95cc9e-1.1.s390x",
"openSUSE Tumbleweed:klp-build-0~20240902.c95cc9e-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-0775",
"url": "https://www.suse.com/security/cve/CVE-2024-0775"
},
{
"category": "external",
"summary": "SUSE Bug 1219053 for CVE-2024-0775",
"url": "https://bugzilla.suse.com/1219053"
},
{
"category": "external",
"summary": "SUSE Bug 1219082 for CVE-2024-0775",
"url": "https://bugzilla.suse.com/1219082"
},
{
"category": "external",
"summary": "SUSE Bug 1224298 for CVE-2024-0775",
"url": "https://bugzilla.suse.com/1224298"
},
{
"category": "external",
"summary": "SUSE Bug 1224878 for CVE-2024-0775",
"url": "https://bugzilla.suse.com/1224878"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:klp-build-0~20240902.c95cc9e-1.1.aarch64",
"openSUSE Tumbleweed:klp-build-0~20240902.c95cc9e-1.1.ppc64le",
"openSUSE Tumbleweed:klp-build-0~20240902.c95cc9e-1.1.s390x",
"openSUSE Tumbleweed:klp-build-0~20240902.c95cc9e-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:klp-build-0~20240902.c95cc9e-1.1.aarch64",
"openSUSE Tumbleweed:klp-build-0~20240902.c95cc9e-1.1.ppc64le",
"openSUSE Tumbleweed:klp-build-0~20240902.c95cc9e-1.1.s390x",
"openSUSE Tumbleweed:klp-build-0~20240902.c95cc9e-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-09-05T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-0775"
},
{
"cve": "CVE-2024-35817",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35817"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: amdgpu_ttm_gart_bind set gtt bound flag\n\nOtherwise after the GTT bo is released, the GTT and gart space is freed\nbut amdgpu_ttm_backend_unbind will not clear the gart page table entry\nand leave valid mapping entry pointing to the stale system page. Then\nif GPU access the gart address mistakely, it will read undefined value\ninstead page fault, harder to debug and reproduce the real issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:klp-build-0~20240902.c95cc9e-1.1.aarch64",
"openSUSE Tumbleweed:klp-build-0~20240902.c95cc9e-1.1.ppc64le",
"openSUSE Tumbleweed:klp-build-0~20240902.c95cc9e-1.1.s390x",
"openSUSE Tumbleweed:klp-build-0~20240902.c95cc9e-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35817",
"url": "https://www.suse.com/security/cve/CVE-2024-35817"
},
{
"category": "external",
"summary": "SUSE Bug 1224736 for CVE-2024-35817",
"url": "https://bugzilla.suse.com/1224736"
},
{
"category": "external",
"summary": "SUSE Bug 1225313 for CVE-2024-35817",
"url": "https://bugzilla.suse.com/1225313"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:klp-build-0~20240902.c95cc9e-1.1.aarch64",
"openSUSE Tumbleweed:klp-build-0~20240902.c95cc9e-1.1.ppc64le",
"openSUSE Tumbleweed:klp-build-0~20240902.c95cc9e-1.1.s390x",
"openSUSE Tumbleweed:klp-build-0~20240902.c95cc9e-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:klp-build-0~20240902.c95cc9e-1.1.aarch64",
"openSUSE Tumbleweed:klp-build-0~20240902.c95cc9e-1.1.ppc64le",
"openSUSE Tumbleweed:klp-build-0~20240902.c95cc9e-1.1.s390x",
"openSUSE Tumbleweed:klp-build-0~20240902.c95cc9e-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-09-05T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-35817"
},
{
"cve": "CVE-2024-36921",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36921"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mvm: guard against invalid STA ID on removal\n\nGuard against invalid station IDs in iwl_mvm_mld_rm_sta_id as that would\nresult in out-of-bounds array accesses. This prevents issues should the\ndriver get into a bad state during error handling.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:klp-build-0~20240902.c95cc9e-1.1.aarch64",
"openSUSE Tumbleweed:klp-build-0~20240902.c95cc9e-1.1.ppc64le",
"openSUSE Tumbleweed:klp-build-0~20240902.c95cc9e-1.1.s390x",
"openSUSE Tumbleweed:klp-build-0~20240902.c95cc9e-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36921",
"url": "https://www.suse.com/security/cve/CVE-2024-36921"
},
{
"category": "external",
"summary": "SUSE Bug 1225769 for CVE-2024-36921",
"url": "https://bugzilla.suse.com/1225769"
},
{
"category": "external",
"summary": "SUSE Bug 1225850 for CVE-2024-36921",
"url": "https://bugzilla.suse.com/1225850"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:klp-build-0~20240902.c95cc9e-1.1.aarch64",
"openSUSE Tumbleweed:klp-build-0~20240902.c95cc9e-1.1.ppc64le",
"openSUSE Tumbleweed:klp-build-0~20240902.c95cc9e-1.1.s390x",
"openSUSE Tumbleweed:klp-build-0~20240902.c95cc9e-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:klp-build-0~20240902.c95cc9e-1.1.aarch64",
"openSUSE Tumbleweed:klp-build-0~20240902.c95cc9e-1.1.ppc64le",
"openSUSE Tumbleweed:klp-build-0~20240902.c95cc9e-1.1.s390x",
"openSUSE Tumbleweed:klp-build-0~20240902.c95cc9e-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-09-05T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-36921"
}
]
}
SSA-337522
Vulnerability from csaf_siemens - Published: 2024-06-11 00:00 - Updated: 2024-07-09 00:00Summary
SSA-337522: Multiple Vulnerabilities in TIM 1531 IRC before V2.4.8
Notes
Summary: Siemens has released new versions for the affected products and recommends to update to the latest versions.
General Recommendations: As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download:
https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources: For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use: Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter "License Terms"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.
CWE-20
- Improper Input Validation
Affected products
Known affected
2 products
CWE-787
- Out-of-bounds Write
Affected products
Known affected
2 products
CWE-326
- Inadequate Encryption Strength
Affected products
Known affected
2 products
CWE-415
- Double Free
Affected products
Known affected
2 products
CWE-311
- Missing Encryption of Sensitive Data
Affected products
Known affected
2 products
CWE-681
- Incorrect Conversion between Numeric Types
Affected products
Known affected
2 products
CWE-190
- Integer Overflow or Wraparound
Affected products
Known affected
2 products
CWE-415
- Double Free
Affected products
Known affected
2 products
CWE-20
- Improper Input Validation
Affected products
Known affected
2 products
CWE-362
- Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Affected products
Known affected
2 products
CWE-416
- Use After Free
Affected products
Known affected
2 products
CWE-667
- Improper Locking
Affected products
Known affected
2 products
CWE-416
- Use After Free
Affected products
Known affected
2 products
CWE-20
- Improper Input Validation
Affected products
Known affected
2 products
CWE-295
- Improper Certificate Validation
Affected products
Known affected
2 products
CWE-295
- Improper Certificate Validation
Affected products
Known affected
2 products
CWE-295
- Improper Certificate Validation
Affected products
Known affected
2 products
CWE-787
- Out-of-bounds Write
Affected products
Known affected
2 products
CWE-787
- Out-of-bounds Write
Affected products
Known affected
2 products
CWE-667
- Improper Locking
Affected products
Known affected
2 products
CWE-787
- Out-of-bounds Write
Affected products
Known affected
2 products
7.5 (High)
Affected products
Known affected
2 products
CWE-416
- Use After Free
Affected products
Known affected
2 products
CWE-787
- Out-of-bounds Write
Affected products
Known affected
2 products
CWE-362
- Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Affected products
Known affected
2 products
CWE-362
- Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Affected products
Known affected
2 products
CWE-362
- Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Affected products
Known affected
2 products
CWE-416
- Use After Free
Affected products
Known affected
2 products
CWE-835
- Loop with Unreachable Exit Condition ('Infinite Loop')
Affected products
Known affected
2 products
CWE-20
- Improper Input Validation
Affected products
Known affected
2 products
CWE-20
- Improper Input Validation
Affected products
Known affected
2 products
References
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited. (TLPv2: TLP:CLEAR)",
"tlp": {
"label": "WHITE"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Siemens has released new versions for the affected products and recommends to update to the latest versions.",
"title": "Summary"
},
{
"category": "general",
"text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"title": "General Recommendations"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "Siemens Security Advisories are subject to the terms and conditions contained in Siemens\u0027 underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens\u0027 Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "productcert@siemens.com",
"name": "Siemens ProductCERT",
"namespace": "https://www.siemens.com"
},
"references": [
{
"category": "self",
"summary": "SSA-337522: Multiple Vulnerabilities in TIM 1531 IRC before V2.4.8 - HTML Version",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-337522.html"
},
{
"category": "self",
"summary": "SSA-337522: Multiple Vulnerabilities in TIM 1531 IRC before V2.4.8 - CSAF Version",
"url": "https://cert-portal.siemens.com/productcert/csaf/ssa-337522.json"
},
{
"category": "self",
"summary": "SSA-337522: Multiple Vulnerabilities in TIM 1531 IRC before V2.4.8 - PDF Version",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-337522.pdf"
},
{
"category": "self",
"summary": "SSA-337522: Multiple Vulnerabilities in TIM 1531 IRC before V2.4.8 - TXT Version",
"url": "https://cert-portal.siemens.com/productcert/txt/ssa-337522.txt"
}
],
"title": "SSA-337522: Multiple Vulnerabilities in TIM 1531 IRC before V2.4.8",
"tracking": {
"current_release_date": "2024-07-09T00:00:00Z",
"generator": {
"engine": {
"name": "Siemens ProductCERT CSAF Generator",
"version": "1"
}
},
"id": "SSA-337522",
"initial_release_date": "2024-06-11T00:00:00Z",
"revision_history": [
{
"date": "2024-06-11T00:00:00Z",
"legacy_version": "1.0",
"number": "1",
"summary": "Publication Date"
},
{
"date": "2024-07-09T00:00:00Z",
"legacy_version": "1.1",
"number": "2",
"summary": "Updated contents of CVE-2023-27321 (OPC Foundation UA .NET Standard: Description, CVSS vector, CWE)"
}
],
"status": "interim",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV2.4.8",
"product": {
"name": "SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0)",
"product_id": "1",
"product_identification_helper": {
"model_numbers": [
"6AG1543-1MX00-7XE0"
]
}
}
}
],
"category": "product_name",
"name": "SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV2.4.8",
"product": {
"name": "TIM 1531 IRC (6GK7543-1MX00-0XE0)",
"product_id": "2",
"product_identification_helper": {
"model_numbers": [
"6GK7543-1MX00-0XE0"
]
}
}
}
],
"category": "product_name",
"name": "TIM 1531 IRC (6GK7543-1MX00-0XE0)"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-47178",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: scsi: target: core: Avoid smp_processor_id() in preemptible code.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"1",
"2"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2021-47178"
},
{
"cve": "CVE-2022-1015",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "A flaw was found in the Linux kernel in linux/net/netfilter/nf_tables_api.c of the netfilter subsystem. This flaw allows a local user to cause an out-of-bounds write issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"1",
"2"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2022-1015"
},
{
"cve": "CVE-2022-4304",
"cwe": {
"id": "CWE-326",
"name": "Inadequate Encryption Strength"
},
"notes": [
{
"category": "summary",
"text": "A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"1",
"2"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2022-4304"
},
{
"cve": "CVE-2022-4450",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "summary",
"text": "The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the \"name\" (e.g. \"CERTIFICATE\"), any header data and the payload data. If the function succeeds then the \"name_out\", \"header\" and \"data\" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a buffer that has already been freed. If the caller also frees this buffer then a double free will occur. This will most likely lead to a crash. This could be exploited by an attacker who has the ability to supply malicious PEM files for parsing to achieve a denial of service attack. The functions PEM_read_bio() and PEM_read() are simple wrappers around PEM_read_bio_ex() and therefore these functions are also directly affected. These functions are also called indirectly by a number of other OpenSSL functions including PEM_X509_INFO_read_bio_ex() and SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal uses of these functions are not vulnerable because the caller does not free the header argument if PEM_read_bio_ex() returns a failure code. These locations include the PEM_read_bio_TYPE() functions as well as the decoders introduced in OpenSSL 3.0. The OpenSSL asn1parse command line application is also impacted by this issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"1",
"2"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2022-4450"
},
{
"cve": "CVE-2022-39189",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered the x86 KVM subsystem in the Linux kernel before 5.18.17. Unprivileged guest users can compromise the guest kernel because TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED situations.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"1",
"2"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2022-39189"
},
{
"cve": "CVE-2022-40225",
"cwe": {
"id": "CWE-681",
"name": "Incorrect Conversion between Numeric Types"
},
"notes": [
{
"category": "summary",
"text": "Casting an internal value could lead to floating point exception under certain circumstances. This could allow an attacker to cause a denial of service condition on affected devices.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"1",
"2"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2022-40225"
},
{
"cve": "CVE-2022-40303",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation fault.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"1",
"2"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2022-40303"
},
{
"cve": "CVE-2022-40304",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"1",
"2"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2022-40304"
},
{
"cve": "CVE-2022-45886",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_net.c has a .disconnect versus dvb_device_open race condition that leads to a use-after-free.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"1",
"2"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2022-45886"
},
{
"cve": "CVE-2022-45887",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in the Linux kernel through 6.0.9. drivers/media/usb/ttusb-dec/ttusb_dec.c has a memory leak because of the lack of a dvb_frontend_detach call.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"1",
"2"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2022-45887"
},
{
"cve": "CVE-2022-45919",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in the Linux kernel through 6.0.10. In drivers/media/dvb-core/dvb_ca_en50221.c, a use-after-free can occur is there is a disconnect after an open, because of the lack of a wait_event.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"1",
"2"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2022-45919"
},
{
"cve": "CVE-2023-0160",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "summary",
"text": "A deadlock flaw was found in the Linux kernel\u2019s BPF subsystem. This flaw allows a local user to potentially crash the system.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"1",
"2"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2023-0160"
},
{
"cve": "CVE-2023-0215",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter BIO onto the front of it to form a BIO chain, and then returns the new head of the BIO chain to the caller. Under certain conditions, for example if a CMS recipient public key is invalid, the new filter BIO is freed and the function returns a NULL result indicating a failure. However, in this case, the BIO chain is not properly cleaned up and the BIO passed by the caller still retains internal pointers to the previously freed filter BIO. If the caller then goes on to call BIO_pop() on the BIO then a use-after-free will occur. This will most likely result in a crash. This scenario occurs directly in the internal function B64_write_ASN1() which may cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on the BIO. This internal function is in turn called by the public API functions PEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream, SMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7. Other public API functions that may be impacted by this include i2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and i2d_PKCS7_bio_stream. The OpenSSL cms and smime command line applications are similarly affected.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"1",
"2"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2023-0215"
},
{
"cve": "CVE-2023-0286",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"1",
"2"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2023-0286"
},
{
"cve": "CVE-2023-0464",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"notes": [
{
"category": "summary",
"text": "A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy constraints. Attackers may be able to exploit this vulnerability by creating a malicious certificate chain that triggers exponential use of computational resources, leading to a denial-of-service (DoS) attack on affected systems.\r\n\r\nPolicy processing is disabled by default but can be enabled by passing the `-policy` argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()` function.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"1",
"2"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2023-0464"
},
{
"cve": "CVE-2023-0465",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"notes": [
{
"category": "summary",
"text": "Applications that use a non-default option when verifying certificates may be\r\nvulnerable to an attack from a malicious CA to circumvent certain checks.\r\n\r\nInvalid certificate policies in leaf certificates are silently ignored by\r\nOpenSSL and other certificate policy checks are skipped for that certificate.\r\nA malicious CA could use this to deliberately assert invalid certificate policies\r\nin order to circumvent policy checking on the certificate altogether.\r\n\r\nPolicy processing is disabled by default but can be enabled by passing\r\nthe `-policy` argument to the command line utilities or by calling the\r\n`X509_VERIFY_PARAM_set1_policies()` function.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"1",
"2"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2023-0465"
},
{
"cve": "CVE-2023-0466",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"notes": [
{
"category": "summary",
"text": "The function X509_VERIFY_PARAM_add0_policy() is documented to\nimplicitly enable the certificate policy check when doing certificate\nverification. However the implementation of the function does not\nenable the check which allows certificates with invalid or incorrect\npolicies to pass the certificate verification.\n\nAs suddenly enabling the policy check could break existing deployments it was\ndecided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy()\nfunction.\n\nInstead the applications that require OpenSSL to perform certificate\npolicy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly\nenable the policy check by calling X509_VERIFY_PARAM_set_flags() with\nthe X509_V_FLAG_POLICY_CHECK flag argument.\n\nCertificate policy checks are disabled by default in OpenSSL and are not\ncommonly used by applications.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"1",
"2"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2023-0466"
},
{
"cve": "CVE-2023-1017",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "An out-of-bounds write vulnerability exists in TPM2.0\u0027s Module Library allowing writing of a 2-byte data past the end of TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can lead to denial of service (crashing the TPM chip/process or rendering it unusable) and/or arbitrary code execution in the TPM context.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"1",
"2"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2023-1017"
},
{
"cve": "CVE-2023-2124",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "An out-of-bounds memory access flaw was found in the Linux kernel\u2019s XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user to crash or potentially escalate their privileges on the system.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"1",
"2"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2023-2124"
},
{
"cve": "CVE-2023-2269",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "summary",
"text": "A denial of service problem was found, due to a possible recursive locking scenario, resulting in a deadlock in table_clear in drivers/md/dm-ioctl.c in the Linux Kernel Device Mapper-Multipathing sub-component.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"1",
"2"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2023-2269"
},
{
"cve": "CVE-2023-21255",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "In multiple functions of binder.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"1",
"2"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2023-21255"
},
{
"cve": "CVE-2023-27321",
"cwe": {
"id": "CWE-1325",
"name": "Improperly Controlled Sequential Memory Allocation"
},
"notes": [
{
"category": "summary",
"text": "OPC Foundation UA .NET Standard ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of OPC Foundation UA .NET Standard. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of OPC UA ConditionRefresh requests. By sending a large number of requests, an attacker can consume all available resources on the server. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-20505.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"1",
"2"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2023-27321"
},
{
"cve": "CVE-2023-28319",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "A use after free vulnerability exists in curl \u003cv8.1.0 in the way libcurl offers a feature to verify an SSH server\u0027s public key using a SHA 256 hash. When this check fails, libcurl would free the memory for the fingerprint before it returns an error message containing the (now freed) hash. This flaw risks inserting sensitive heap-based data into the error message that might be shown to users or otherwise get leaked and revealed.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"1",
"2"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2023-28319"
},
{
"cve": "CVE-2023-35788",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service or privilege escalation.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"1",
"2"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2023-35788"
},
{
"cve": "CVE-2023-35823",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in saa7134_finidev in drivers/media/pci/saa7134/saa7134-core.c.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"1",
"2"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2023-35823"
},
{
"cve": "CVE-2023-35824",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in dm1105_remove in drivers/media/pci/dm1105/dm1105.c.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"1",
"2"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2023-35824"
},
{
"cve": "CVE-2023-35828",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in renesas_usb3_remove in drivers/usb/gadget/udc/renesas_usb3.c.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"1",
"2"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2023-35828"
},
{
"cve": "CVE-2023-35829",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in rkvdec_remove in drivers/staging/media/rkvdec/rkvdec.c.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"1",
"2"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2023-35829"
},
{
"cve": "CVE-2023-41910",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in lldpd before 1.0.17. By crafting a CDP PDU packet with specific CDP_TLV_ADDRESSES TLVs, a malicious actor can remotely force the lldpd daemon to perform an out-of-bounds read on heap memory. This occurs in cdp_decode in daemon/protocols/cdp.c.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"1",
"2"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2023-41910"
},
{
"cve": "CVE-2023-50763",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "summary",
"text": "The web server of affected products, if configured to allow the import of PKCS12 containers, could end up in an infinite loop when processing incomplete certificate chains.\r\n\r\nThis could allow an authenticated remote attacker to create a denial of service condition by importing specially crafted PKCS12 containers.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"1",
"2"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2023-50763"
},
{
"cve": "CVE-2023-52474",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix bugs with non-PAGE_SIZE-end multi-iovec user SDMA requests hfi1 user SDMA request processing has two bugs that can cause data corruption for user SDMA requests that have multiple payload iovecs where an iovec other than the tail iovec does not run up to the page boundary for the buffer pointed to by that iovec.a Here are the specific bugs: 1. user_sdma_txadd() does not use struct user_sdma_iovec-\u003eiov.iov_len. Rather, user_sdma_txadd() will add up to PAGE_SIZE bytes from iovec to the packet, even if some of those bytes are past iovec-\u003eiov.iov_len and are thus not intended to be in the packet. 2. user_sdma_txadd() and user_sdma_send_pkts() fail to advance to the next iovec in user_sdma_request-\u003eiovs when the current iovec is not PAGE_SIZE and does not contain enough data to complete the packet. The transmitted packet will contain the wrong data from the iovec pages. This has not been an issue with SDMA packets from hfi1 Verbs or PSM2 because they only produce iovecs that end short of PAGE_SIZE as the tail iovec of an SDMA request. Fixing these bugs exposes other bugs with the SDMA pin cache (struct mmu_rb_handler) that get in way of supporting user SDMA requests with multiple payload iovecs whose buffers do not end at PAGE_SIZE. So this commit fixes those issues as well. Here are the mmu_rb_handler bugs that non-PAGE_SIZE-end multi-iovec payload user SDMA requests can hit: 1. Overlapping memory ranges in mmu_rb_handler will result in duplicate pinnings. 2. When extending an existing mmu_rb_handler entry (struct mmu_rb_node), the mmu_rb code (1) removes the existing entry under a lock, (2) releases that lock, pins the new pages, (3) then reacquires the lock to insert the extended mmu_rb_node. If someone else comes in and inserts an overlapping entry between (2) and (3), insert in (3) will fail. The failure path code in this case unpins _all_ pages in either the original mmu_rb_node or the new mmu_rb_node that was inserted between (2) and (3). 3. In hfi1_mmu_rb_remove_unless_exact(), mmu_rb_node-\u003erefcount is incremented outside of mmu_rb_handler-\u003elock. As a result, mmu_rb_node could be evicted by another thread that gets mmu_rb_handler-\u003elock and checks mmu_rb_node-\u003erefcount before mmu_rb_node-\u003erefcount is incremented. 4. Related to #2 above, SDMA request submission failure path does not check mmu_rb_node-\u003erefcount before freeing mmu_rb_node object. If there are other SDMA requests in progress whose iovecs have pointers to the now-freed mmu_rb_node(s), those pointers to the now-freed mmu_rb nodes will be dereferenced when those SDMA requests complete.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"1",
"2"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2023-52474"
},
{
"cve": "CVE-2024-0775",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "A use-after-free flaw was found in the __ext4_remount in fs/ext4/super.c in ext4 in the Linux kernel. This flaw allows a local user to cause an information leak problem while freeing the old quota file names before a potential failure, leading to a use-after-free.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.4.8 or later version",
"product_ids": [
"1",
"2"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954889/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2024-0775"
}
]
}
SUSE-SU-2024:0463-1
Vulnerability from csaf_suse - Published: 2024-02-14 08:17 - Updated: 2024-02-14 08:17Summary
Security update for the Linux Kernel
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel
Description of the patch: The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-1086: Fixed a use-after-free vulnerability inside the nf_tables component that could have been exploited to achieve local privilege escalation (bsc#1219434).
- CVE-2023-51780: Fixed a use-after-free in do_vcc_ioctl in net/atm/ioctl.c, because of a vcc_recvmsg race condition (bsc#1218730).
- CVE-2023-46838: Fixed an issue with Xen netback processing of zero-length transmit fragment (bsc#1218836).
- CVE-2021-33631: Fixed an integer overflow in ext4_write_inline_data_end() (bsc#1219412).
- CVE-2023-6535: Fixed a NULL pointer dereference in nvmet_tcp_execute_request (bsc#1217988).
- CVE-2023-6536: Fixed a NULL pointer dereference in __nvmet_req_complete (bsc#1217989).
- CVE-2023-6356: Fixed a NULL pointer dereference in nvmet_tcp_build_pdu_iovec (bsc#1217987).
- CVE-2023-47233: Fixed a use-after-free in the device unplugging (disconnect the USB by hotplug) code inside the brcm80211 component (bsc#1216702).
- CVE-2023-51043: Fixed use-after-free during a race condition between a nonblocking atomic commit and a driver unload in drivers/gpu/drm/drm_atomic.c (bsc#1219120).
- CVE-2024-0775: Fixed use-after-free in __ext4_remount in fs/ext4/super.c that could allow a local user to cause an information leak problem while freeing the old quota file names before a potential failure (bsc#1219053).
- CVE-2024-0565: Fixed an out-of-bounds memory read flaw in receive_encrypted_standard in fs/smb/client/smb2ops.c (bsc#1218832).
- CVE-2023-6915: Fixed a NULL pointer dereference problem in ida_free in lib/idr.c (bsc#1218804).
- CVE-2023-6040: Fixed an out-of-bounds access vulnerability while creating a new netfilter table, lack of a safeguard against invalid nf_tables family (pf) values within `nf_tables_newtable` function (bsc#1218752).
- CVE-2023-51782: Fixed use-after-free in rose_ioctl in net/rose/af_rose.c because of a rose_accept race condition (bsc#1218757).
The following non-security bugs were fixed:
- Store the old kernel changelog entries in kernel-docs package (bsc#1218713).
- x86/entry/ia32: Ensure s32 is sign extended to s64 (bsc#1193285).
Patchnames: SUSE-2024-463,SUSE-SUSE-MicroOS-5.1-2024-463,SUSE-SUSE-MicroOS-5.2-2024-463
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.5 (Medium)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.158.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.158.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.4 (Medium)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.158.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.158.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.158.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.158.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.7 (Medium)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.158.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.158.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.158.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.158.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.7 (Medium)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.158.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.158.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.4 (Medium)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.158.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.158.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.158.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.158.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.158.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.158.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.158.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.158.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.2 (Medium)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.158.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.158.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.158.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.158.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.1 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.158.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.158.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.158.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.158.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
79 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2024-1086: Fixed a use-after-free vulnerability inside the nf_tables component that could have been exploited to achieve local privilege escalation (bsc#1219434).\n- CVE-2023-51780: Fixed a use-after-free in do_vcc_ioctl in net/atm/ioctl.c, because of a vcc_recvmsg race condition (bsc#1218730).\n- CVE-2023-46838: Fixed an issue with Xen netback processing of zero-length transmit fragment (bsc#1218836).\n- CVE-2021-33631: Fixed an integer overflow in ext4_write_inline_data_end() (bsc#1219412).\n- CVE-2023-6535: Fixed a NULL pointer dereference in nvmet_tcp_execute_request (bsc#1217988).\n- CVE-2023-6536: Fixed a NULL pointer dereference in __nvmet_req_complete (bsc#1217989).\n- CVE-2023-6356: Fixed a NULL pointer dereference in nvmet_tcp_build_pdu_iovec (bsc#1217987).\n- CVE-2023-47233: Fixed a use-after-free in the device unplugging (disconnect the USB by hotplug) code inside the brcm80211 component (bsc#1216702).\n- CVE-2023-51043: Fixed use-after-free during a race condition between a nonblocking atomic commit and a driver unload in drivers/gpu/drm/drm_atomic.c (bsc#1219120).\n- CVE-2024-0775: Fixed use-after-free in __ext4_remount in fs/ext4/super.c that could allow a local user to cause an information leak problem while freeing the old quota file names before a potential failure (bsc#1219053).\n- CVE-2024-0565: Fixed an out-of-bounds memory read flaw in receive_encrypted_standard in fs/smb/client/smb2ops.c (bsc#1218832).\n- CVE-2023-6915: Fixed a NULL pointer dereference problem in ida_free in lib/idr.c (bsc#1218804).\n- CVE-2023-6040: Fixed an out-of-bounds access vulnerability while creating a new netfilter table, lack of a safeguard against invalid nf_tables family (pf) values within `nf_tables_newtable` function (bsc#1218752).\n- CVE-2023-51782: Fixed use-after-free in rose_ioctl in net/rose/af_rose.c because of a rose_accept race condition (bsc#1218757).\n\nThe following non-security bugs were fixed:\n\n- Store the old kernel changelog entries in kernel-docs package (bsc#1218713).\n- x86/entry/ia32: Ensure s32 is sign extended to s64 (bsc#1193285).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2024-463,SUSE-SUSE-MicroOS-5.1-2024-463,SUSE-SUSE-MicroOS-5.2-2024-463",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_0463-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2024:0463-1",
"url": "https://www.suse.com/support/update/announcement/2024/suse-su-20240463-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2024:0463-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-February/017916.html"
},
{
"category": "self",
"summary": "SUSE Bug 1108281",
"url": "https://bugzilla.suse.com/1108281"
},
{
"category": "self",
"summary": "SUSE Bug 1193285",
"url": "https://bugzilla.suse.com/1193285"
},
{
"category": "self",
"summary": "SUSE Bug 1216702",
"url": "https://bugzilla.suse.com/1216702"
},
{
"category": "self",
"summary": "SUSE Bug 1217987",
"url": "https://bugzilla.suse.com/1217987"
},
{
"category": "self",
"summary": "SUSE Bug 1217988",
"url": "https://bugzilla.suse.com/1217988"
},
{
"category": "self",
"summary": "SUSE Bug 1217989",
"url": "https://bugzilla.suse.com/1217989"
},
{
"category": "self",
"summary": "SUSE Bug 1218713",
"url": "https://bugzilla.suse.com/1218713"
},
{
"category": "self",
"summary": "SUSE Bug 1218730",
"url": "https://bugzilla.suse.com/1218730"
},
{
"category": "self",
"summary": "SUSE Bug 1218752",
"url": "https://bugzilla.suse.com/1218752"
},
{
"category": "self",
"summary": "SUSE Bug 1218757",
"url": "https://bugzilla.suse.com/1218757"
},
{
"category": "self",
"summary": "SUSE Bug 1218768",
"url": "https://bugzilla.suse.com/1218768"
},
{
"category": "self",
"summary": "SUSE Bug 1218804",
"url": "https://bugzilla.suse.com/1218804"
},
{
"category": "self",
"summary": "SUSE Bug 1218832",
"url": "https://bugzilla.suse.com/1218832"
},
{
"category": "self",
"summary": "SUSE Bug 1218836",
"url": "https://bugzilla.suse.com/1218836"
},
{
"category": "self",
"summary": "SUSE Bug 1219053",
"url": "https://bugzilla.suse.com/1219053"
},
{
"category": "self",
"summary": "SUSE Bug 1219120",
"url": "https://bugzilla.suse.com/1219120"
},
{
"category": "self",
"summary": "SUSE Bug 1219412",
"url": "https://bugzilla.suse.com/1219412"
},
{
"category": "self",
"summary": "SUSE Bug 1219434",
"url": "https://bugzilla.suse.com/1219434"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-33631 page",
"url": "https://www.suse.com/security/cve/CVE-2021-33631/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-46838 page",
"url": "https://www.suse.com/security/cve/CVE-2023-46838/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-47233 page",
"url": "https://www.suse.com/security/cve/CVE-2023-47233/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-51043 page",
"url": "https://www.suse.com/security/cve/CVE-2023-51043/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-51780 page",
"url": "https://www.suse.com/security/cve/CVE-2023-51780/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-51782 page",
"url": "https://www.suse.com/security/cve/CVE-2023-51782/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6040 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6040/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6356 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6356/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6535 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6535/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6536 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6536/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6915 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6915/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-0565 page",
"url": "https://www.suse.com/security/cve/CVE-2024-0565/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-0775 page",
"url": "https://www.suse.com/security/cve/CVE-2024-0775/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-1086 page",
"url": "https://www.suse.com/security/cve/CVE-2024-1086/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2024-02-14T08:17:58Z",
"generator": {
"date": "2024-02-14T08:17:58Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2024:0463-1",
"initial_release_date": "2024-02-14T08:17:58Z",
"revision_history": [
{
"date": "2024-02-14T08:17:58Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-rt-5.3.18-150300.158.1.noarch",
"product": {
"name": "kernel-devel-rt-5.3.18-150300.158.1.noarch",
"product_id": "kernel-devel-rt-5.3.18-150300.158.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-rt-5.3.18-150300.158.1.noarch",
"product": {
"name": "kernel-source-rt-5.3.18-150300.158.1.noarch",
"product_id": "kernel-source-rt-5.3.18-150300.158.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-rt-5.3.18-150300.158.1.x86_64",
"product": {
"name": "cluster-md-kmp-rt-5.3.18-150300.158.1.x86_64",
"product_id": "cluster-md-kmp-rt-5.3.18-150300.158.1.x86_64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-rt_debug-5.3.18-150300.158.1.x86_64",
"product": {
"name": "cluster-md-kmp-rt_debug-5.3.18-150300.158.1.x86_64",
"product_id": "cluster-md-kmp-rt_debug-5.3.18-150300.158.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt-5.3.18-150300.158.1.x86_64",
"product": {
"name": "dlm-kmp-rt-5.3.18-150300.158.1.x86_64",
"product_id": "dlm-kmp-rt-5.3.18-150300.158.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt_debug-5.3.18-150300.158.1.x86_64",
"product": {
"name": "dlm-kmp-rt_debug-5.3.18-150300.158.1.x86_64",
"product_id": "dlm-kmp-rt_debug-5.3.18-150300.158.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt-5.3.18-150300.158.1.x86_64",
"product": {
"name": "gfs2-kmp-rt-5.3.18-150300.158.1.x86_64",
"product_id": "gfs2-kmp-rt-5.3.18-150300.158.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt_debug-5.3.18-150300.158.1.x86_64",
"product": {
"name": "gfs2-kmp-rt_debug-5.3.18-150300.158.1.x86_64",
"product_id": "gfs2-kmp-rt_debug-5.3.18-150300.158.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-5.3.18-150300.158.1.x86_64",
"product": {
"name": "kernel-rt-5.3.18-150300.158.1.x86_64",
"product_id": "kernel-rt-5.3.18-150300.158.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-5.3.18-150300.158.1.x86_64",
"product": {
"name": "kernel-rt-devel-5.3.18-150300.158.1.x86_64",
"product_id": "kernel-rt-devel-5.3.18-150300.158.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-extra-5.3.18-150300.158.1.x86_64",
"product": {
"name": "kernel-rt-extra-5.3.18-150300.158.1.x86_64",
"product_id": "kernel-rt-extra-5.3.18-150300.158.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-livepatch-devel-5.3.18-150300.158.1.x86_64",
"product": {
"name": "kernel-rt-livepatch-devel-5.3.18-150300.158.1.x86_64",
"product_id": "kernel-rt-livepatch-devel-5.3.18-150300.158.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-optional-5.3.18-150300.158.1.x86_64",
"product": {
"name": "kernel-rt-optional-5.3.18-150300.158.1.x86_64",
"product_id": "kernel-rt-optional-5.3.18-150300.158.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-5.3.18-150300.158.1.x86_64",
"product": {
"name": "kernel-rt_debug-5.3.18-150300.158.1.x86_64",
"product_id": "kernel-rt_debug-5.3.18-150300.158.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-devel-5.3.18-150300.158.1.x86_64",
"product": {
"name": "kernel-rt_debug-devel-5.3.18-150300.158.1.x86_64",
"product_id": "kernel-rt_debug-devel-5.3.18-150300.158.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-extra-5.3.18-150300.158.1.x86_64",
"product": {
"name": "kernel-rt_debug-extra-5.3.18-150300.158.1.x86_64",
"product_id": "kernel-rt_debug-extra-5.3.18-150300.158.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-livepatch-devel-5.3.18-150300.158.1.x86_64",
"product": {
"name": "kernel-rt_debug-livepatch-devel-5.3.18-150300.158.1.x86_64",
"product_id": "kernel-rt_debug-livepatch-devel-5.3.18-150300.158.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-optional-5.3.18-150300.158.1.x86_64",
"product": {
"name": "kernel-rt_debug-optional-5.3.18-150300.158.1.x86_64",
"product_id": "kernel-rt_debug-optional-5.3.18-150300.158.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-rt-5.3.18-150300.158.1.x86_64",
"product": {
"name": "kernel-syms-rt-5.3.18-150300.158.1.x86_64",
"product_id": "kernel-syms-rt-5.3.18-150300.158.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt-5.3.18-150300.158.1.x86_64",
"product": {
"name": "kselftests-kmp-rt-5.3.18-150300.158.1.x86_64",
"product_id": "kselftests-kmp-rt-5.3.18-150300.158.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt_debug-5.3.18-150300.158.1.x86_64",
"product": {
"name": "kselftests-kmp-rt_debug-5.3.18-150300.158.1.x86_64",
"product_id": "kselftests-kmp-rt_debug-5.3.18-150300.158.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt-5.3.18-150300.158.1.x86_64",
"product": {
"name": "ocfs2-kmp-rt-5.3.18-150300.158.1.x86_64",
"product_id": "ocfs2-kmp-rt-5.3.18-150300.158.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt_debug-5.3.18-150300.158.1.x86_64",
"product": {
"name": "ocfs2-kmp-rt_debug-5.3.18-150300.158.1.x86_64",
"product_id": "ocfs2-kmp-rt_debug-5.3.18-150300.158.1.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-rt-5.3.18-150300.158.1.x86_64",
"product": {
"name": "reiserfs-kmp-rt-5.3.18-150300.158.1.x86_64",
"product_id": "reiserfs-kmp-rt-5.3.18-150300.158.1.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-rt_debug-5.3.18-150300.158.1.x86_64",
"product": {
"name": "reiserfs-kmp-rt_debug-5.3.18-150300.158.1.x86_64",
"product_id": "reiserfs-kmp-rt_debug-5.3.18-150300.158.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.1",
"product": {
"name": "SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-microos:5.1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.2",
"product": {
"name": "SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-microos:5.2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-5.3.18-150300.158.1.x86_64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.158.1.x86_64"
},
"product_reference": "kernel-rt-5.3.18-150300.158.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-5.3.18-150300.158.1.x86_64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.158.1.x86_64"
},
"product_reference": "kernel-rt-5.3.18-150300.158.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-33631",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-33631"
}
],
"notes": [
{
"category": "general",
"text": "Integer Overflow or Wraparound vulnerability in openEuler kernel on Linux (filesystem modules) allows Forced Integer Overflow.This issue affects openEuler kernel: from 4.19.90 before 4.19.90-2401.3, from 5.10.0-60.18.0 before 5.10.0-183.0.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.158.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.158.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-33631",
"url": "https://www.suse.com/security/cve/CVE-2021-33631"
},
{
"category": "external",
"summary": "SUSE Bug 1219412 for CVE-2021-33631",
"url": "https://bugzilla.suse.com/1219412"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.158.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.158.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.158.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.158.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-02-14T08:17:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-33631"
},
{
"cve": "CVE-2023-46838",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-46838"
}
],
"notes": [
{
"category": "general",
"text": "Transmit requests in Xen\u0027s virtual network protocol can consist of\nmultiple parts. While not really useful, except for the initial part\nany of them may be of zero length, i.e. carry no data at all. Besides a\ncertain initial portion of the to be transferred data, these parts are\ndirectly translated into what Linux calls SKB fragments. Such converted\nrequest parts can, when for a particular SKB they are all of length\nzero, lead to a de-reference of NULL in core networking code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.158.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.158.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-46838",
"url": "https://www.suse.com/security/cve/CVE-2023-46838"
},
{
"category": "external",
"summary": "SUSE Bug 1218836 for CVE-2023-46838",
"url": "https://bugzilla.suse.com/1218836"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.158.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.158.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.158.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.158.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-02-14T08:17:58Z",
"details": "moderate"
}
],
"title": "CVE-2023-46838"
},
{
"cve": "CVE-2023-47233",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-47233"
}
],
"notes": [
{
"category": "general",
"text": "The brcm80211 component in the Linux kernel through 6.5.10 has a brcmf_cfg80211_detach use-after-free in the device unplugging (disconnect the USB by hotplug) code. For physically proximate attackers with local access, this \"could be exploited in a real world scenario.\" This is related to brcmf_cfg80211_escan_timeout_worker in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.158.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.158.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-47233",
"url": "https://www.suse.com/security/cve/CVE-2023-47233"
},
{
"category": "external",
"summary": "SUSE Bug 1216702 for CVE-2023-47233",
"url": "https://bugzilla.suse.com/1216702"
},
{
"category": "external",
"summary": "SUSE Bug 1224592 for CVE-2023-47233",
"url": "https://bugzilla.suse.com/1224592"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.158.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.158.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.158.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.158.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-02-14T08:17:58Z",
"details": "moderate"
}
],
"title": "CVE-2023-47233"
},
{
"cve": "CVE-2023-51043",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-51043"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 6.4.5, drivers/gpu/drm/drm_atomic.c has a use-after-free during a race condition between a nonblocking atomic commit and a driver unload.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.158.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.158.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-51043",
"url": "https://www.suse.com/security/cve/CVE-2023-51043"
},
{
"category": "external",
"summary": "SUSE Bug 1219120 for CVE-2023-51043",
"url": "https://bugzilla.suse.com/1219120"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.158.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.158.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.158.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.158.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-02-14T08:17:58Z",
"details": "moderate"
}
],
"title": "CVE-2023-51043"
},
{
"cve": "CVE-2023-51780",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-51780"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 6.6.8. do_vcc_ioctl in net/atm/ioctl.c has a use-after-free because of a vcc_recvmsg race condition.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.158.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.158.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-51780",
"url": "https://www.suse.com/security/cve/CVE-2023-51780"
},
{
"category": "external",
"summary": "SUSE Bug 1218730 for CVE-2023-51780",
"url": "https://bugzilla.suse.com/1218730"
},
{
"category": "external",
"summary": "SUSE Bug 1218733 for CVE-2023-51780",
"url": "https://bugzilla.suse.com/1218733"
},
{
"category": "external",
"summary": "SUSE Bug 1220191 for CVE-2023-51780",
"url": "https://bugzilla.suse.com/1220191"
},
{
"category": "external",
"summary": "SUSE Bug 1221578 for CVE-2023-51780",
"url": "https://bugzilla.suse.com/1221578"
},
{
"category": "external",
"summary": "SUSE Bug 1221598 for CVE-2023-51780",
"url": "https://bugzilla.suse.com/1221598"
},
{
"category": "external",
"summary": "SUSE Bug 1224298 for CVE-2023-51780",
"url": "https://bugzilla.suse.com/1224298"
},
{
"category": "external",
"summary": "SUSE Bug 1224878 for CVE-2023-51780",
"url": "https://bugzilla.suse.com/1224878"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.158.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.158.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.158.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.158.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-02-14T08:17:58Z",
"details": "important"
}
],
"title": "CVE-2023-51780"
},
{
"cve": "CVE-2023-51782",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-51782"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 6.6.8. rose_ioctl in net/rose/af_rose.c has a use-after-free because of a rose_accept race condition.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.158.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.158.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-51782",
"url": "https://www.suse.com/security/cve/CVE-2023-51782"
},
{
"category": "external",
"summary": "SUSE Bug 1218757 for CVE-2023-51782",
"url": "https://bugzilla.suse.com/1218757"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.158.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.158.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.158.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.158.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-02-14T08:17:58Z",
"details": "moderate"
}
],
"title": "CVE-2023-51782"
},
{
"cve": "CVE-2023-6040",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6040"
}
],
"notes": [
{
"category": "general",
"text": "An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 (netfilter: nf_tables: Reject tables of unsupported family); While creating a new netfilter table, lack of a safeguard against invalid nf_tables family (pf) values within `nf_tables_newtable` function enables an attacker to achieve out-of-bounds access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.158.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.158.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6040",
"url": "https://www.suse.com/security/cve/CVE-2023-6040"
},
{
"category": "external",
"summary": "SUSE Bug 1218752 for CVE-2023-6040",
"url": "https://bugzilla.suse.com/1218752"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.158.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.158.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.158.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.158.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-02-14T08:17:58Z",
"details": "moderate"
}
],
"title": "CVE-2023-6040"
},
{
"cve": "CVE-2023-6356",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6356"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel\u0027s NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver and causing kernel panic and a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.158.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.158.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6356",
"url": "https://www.suse.com/security/cve/CVE-2023-6356"
},
{
"category": "external",
"summary": "SUSE Bug 1217987 for CVE-2023-6356",
"url": "https://bugzilla.suse.com/1217987"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.158.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.158.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.158.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.158.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-02-14T08:17:58Z",
"details": "moderate"
}
],
"title": "CVE-2023-6356"
},
{
"cve": "CVE-2023-6535",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6535"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel\u0027s NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.158.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.158.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6535",
"url": "https://www.suse.com/security/cve/CVE-2023-6535"
},
{
"category": "external",
"summary": "SUSE Bug 1217988 for CVE-2023-6535",
"url": "https://bugzilla.suse.com/1217988"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.158.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.158.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.158.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.158.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-02-14T08:17:58Z",
"details": "moderate"
}
],
"title": "CVE-2023-6535"
},
{
"cve": "CVE-2023-6536",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6536"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel\u0027s NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.158.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.158.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6536",
"url": "https://www.suse.com/security/cve/CVE-2023-6536"
},
{
"category": "external",
"summary": "SUSE Bug 1217989 for CVE-2023-6536",
"url": "https://bugzilla.suse.com/1217989"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.158.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.158.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.158.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.158.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-02-14T08:17:58Z",
"details": "moderate"
}
],
"title": "CVE-2023-6536"
},
{
"cve": "CVE-2023-6915",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6915"
}
],
"notes": [
{
"category": "general",
"text": "A Null pointer dereference problem was found in ida_free in lib/idr.c in the Linux Kernel. This issue may allow an attacker using this library to cause a denial of service problem due to a missing check at a function return.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.158.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.158.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6915",
"url": "https://www.suse.com/security/cve/CVE-2023-6915"
},
{
"category": "external",
"summary": "SUSE Bug 1218804 for CVE-2023-6915",
"url": "https://bugzilla.suse.com/1218804"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.158.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.158.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.158.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.158.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-02-14T08:17:58Z",
"details": "moderate"
}
],
"title": "CVE-2023-6915"
},
{
"cve": "CVE-2024-0565",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-0565"
}
],
"notes": [
{
"category": "general",
"text": "An out-of-bounds memory read flaw was found in receive_encrypted_standard in fs/smb/client/smb2ops.c in the SMB Client sub-component in the Linux Kernel. This issue occurs due to integer underflow on the memcpy length, leading to a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.158.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.158.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-0565",
"url": "https://www.suse.com/security/cve/CVE-2024-0565"
},
{
"category": "external",
"summary": "SUSE Bug 1218832 for CVE-2024-0565",
"url": "https://bugzilla.suse.com/1218832"
},
{
"category": "external",
"summary": "SUSE Bug 1219078 for CVE-2024-0565",
"url": "https://bugzilla.suse.com/1219078"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.158.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.158.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.158.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.158.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-02-14T08:17:58Z",
"details": "important"
}
],
"title": "CVE-2024-0565"
},
{
"cve": "CVE-2024-0775",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-0775"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free flaw was found in the __ext4_remount in fs/ext4/super.c in ext4 in the Linux kernel. This flaw allows a local user to cause an information leak problem while freeing the old quota file names before a potential failure, leading to a use-after-free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.158.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.158.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-0775",
"url": "https://www.suse.com/security/cve/CVE-2024-0775"
},
{
"category": "external",
"summary": "SUSE Bug 1219053 for CVE-2024-0775",
"url": "https://bugzilla.suse.com/1219053"
},
{
"category": "external",
"summary": "SUSE Bug 1219082 for CVE-2024-0775",
"url": "https://bugzilla.suse.com/1219082"
},
{
"category": "external",
"summary": "SUSE Bug 1224298 for CVE-2024-0775",
"url": "https://bugzilla.suse.com/1224298"
},
{
"category": "external",
"summary": "SUSE Bug 1224878 for CVE-2024-0775",
"url": "https://bugzilla.suse.com/1224878"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.158.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.158.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.158.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.158.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-02-14T08:17:58Z",
"details": "important"
}
],
"title": "CVE-2024-0775"
},
{
"cve": "CVE-2024-1086",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-1086"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability in the Linux kernel\u0027s netfilter: nf_tables component can be exploited to achieve local privilege escalation.\n\nThe nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cause a double free vulnerability when NF_DROP is issued with a drop error which resembles NF_ACCEPT.\n\nWe recommend upgrading past commit f342de4e2f33e0e39165d8639387aa6c19dff660.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.158.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.158.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-1086",
"url": "https://www.suse.com/security/cve/CVE-2024-1086"
},
{
"category": "external",
"summary": "SUSE Bug 1219434 for CVE-2024-1086",
"url": "https://bugzilla.suse.com/1219434"
},
{
"category": "external",
"summary": "SUSE Bug 1219435 for CVE-2024-1086",
"url": "https://bugzilla.suse.com/1219435"
},
{
"category": "external",
"summary": "SUSE Bug 1224298 for CVE-2024-1086",
"url": "https://bugzilla.suse.com/1224298"
},
{
"category": "external",
"summary": "SUSE Bug 1224878 for CVE-2024-1086",
"url": "https://bugzilla.suse.com/1224878"
},
{
"category": "external",
"summary": "SUSE Bug 1226066 for CVE-2024-1086",
"url": "https://bugzilla.suse.com/1226066"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.158.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.158.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.158.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.158.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-02-14T08:17:58Z",
"details": "important"
}
],
"title": "CVE-2024-1086"
}
]
}
SUSE-SU-2024:0468-1
Vulnerability from csaf_suse - Published: 2024-02-14 12:19 - Updated: 2024-02-14 12:19Summary
Security update for the Linux Kernel
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel
Description of the patch:
The SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-1086: Fixed a use-after-free vulnerability inside the nf_tables component that could have been exploited to achieve local privilege escalation (bsc#1219434).
- CVE-2023-51780: Fixed a use-after-free in do_vcc_ioctl in net/atm/ioctl.c, because of a vcc_recvmsg race condition (bsc#1218730).
- CVE-2023-46838: Fixed an issue with Xen netback processing of zero-length transmit fragment (bsc#1218836).
- CVE-2021-33631: Fixed an integer overflow in ext4_write_inline_data_end() (bsc#1219412).
- CVE-2023-47233: Fixed a use-after-free in the device unplugging (disconnect the USB by hotplug) code inside the brcm80211 component (bsc#1216702).
- CVE-2023-51043: Fixed use-after-free during a race condition between a nonblocking atomic commit and a driver unload in drivers/gpu/drm/drm_atomic.c (bsc#1219120).
- CVE-2024-0775: Fixed use-after-free in __ext4_remount in fs/ext4/super.c that could allow a local user to cause an information leak problem while freeing the old quota file names before a potential failure (bsc#1219053).
- CVE-2023-6040: Fixed an out-of-bounds access vulnerability while creating a new netfilter table, lack of a safeguard against invalid nf_tables family (pf) values within `nf_tables_newtable` function (bsc#1218752).
- CVE-2023-51782: Fixed use-after-free in rose_ioctl in net/rose/af_rose.c because of a rose_accept race condition (bsc#1218757).
The following non-security bugs were fixed:
- 9p: missing chunk of 'fs/9p: Do not update file type when updating file attributes' (git-fixes).
- ACPICA: Avoid cache flush inside virtual machines (git-fixes).
- Fix build error in debug config
- GFS2: Flush the GFS2 delete workqueue before stopping the kernel threads (git-fixes).
- KVM: s390: vsie: Fix STFLE interpretive execution identification (git-fixes bsc#1219022).
- Limit kernel-source build to architectures for which the kernel binary is built (bsc#1108281).
- UAPI: ndctl: Fix g++-unsupported initialisation in headers (git-fixes).
- USB: serial: option: add Fibocom to DELL custom modem FM101R-GL (git-fixes).
- USB: serial: option: add Telit LE910C4-WWX 0x1035 composition (git-fixes).
- USB: serial: option: add entry for Sierra EM9191 with new firmware (git-fixes).
- USB: serial: option: fix FM101R-GL defines (git-fixes).
- acpi/nfit: Require opt-in for read-only label configurations (git-fixes).
- acpi/nfit: improve bounds checking for 'func' (git-fixes).
- affs: fix basic permission bits to actually work (git-fixes).
- aio: fix mremap after fork null-deref (git-fixes).
- asix: Add check for usbnet_get_endpoints (git-fixes).
- ceph: fix incorrect revoked caps assert in ceph_fill_file_size() (bsc#1219445).
- chardev: fix error handling in cdev_device_add() (git-fixes).
- configfs: fix a deadlock in configfs_symlink() (git-fixes).
- configfs: fix a race in configfs_{,un}register_subsystem() (git-fixes).
- configfs: fix a use-after-free in __configfs_open_file (git-fixes).
- configfs: fix config_item refcnt leak in configfs_rmdir() (git-fixes).
- configfs: fix memleak in configfs_release_bin_file (git-fixes).
- configfs: new object reprsenting tree fragments (git-fixes).
- configfs: provide exclusion between IO and removals (git-fixes).
- configfs: stash the data we need into configfs_buffer at open time (git-fixes).
- ext4: Avoid freeing inodes on dirty list (bsc#1216989).
- ext4: silence the warning when evicting inode with dioread_nolock (bsc#1206889).
- fat: add ratelimit to fat*_ent_bread() (git-fixes).
- fs/exofs: fix potential memory leak in mount option parsing (git-fixes).
- fs/fat/fatent.c: add cond_resched() to fat_count_free_clusters() (git-fixes).
- fs/fat/file.c: issue flush after the writeback of FAT (git-fixes).
- fs/file.c: initialize init_files.resize_wait (git-fixes).
- fs: do not audit the capability check in simple_xattr_list() (git-fixes).
- fs: ocfs2: namei: check return value of ocfs2_add_entry() (git-fixes).
- fs: orangefs: fix error return code of orangefs_revalidate_lookup() (git-fixes).
- fs: ratelimit __find_get_block_slow() failure message (git-fixes).
- fs: warn about impending deprecation of mandatory locks (git-fixes).
- gfs2: Allow lock_nolock mount to specify jid=X (git-fixes).
- gfs2: Check sb_bsize_shift after reading superblock (git-fixes).
- gfs2: Do not call dlm after protocol is unmounted (git-fixes).
- gfs2: Do not set GFS2_RDF_UPTODATE when the lvb is updated (git-fixes).
- gfs2: Do not skip dlm unlock if glock had an lvb (git-fixes).
- gfs2: Fix inode height consistency check (git-fixes).
- gfs2: Fix lru_count going negative (git-fixes).
- gfs2: Fix marking bitmaps non-full (git-fixes).
- gfs2: Fix possible data races in gfs2_show_options() (git-fixes).
- gfs2: Fix sign extension bug in gfs2_update_stats (git-fixes).
- gfs2: Fix use-after-free in gfs2_glock_shrink_scan (git-fixes).
- gfs2: Free rd_bits later in gfs2_clear_rgrpd to fix use-after-free (git-fixes).
- gfs2: Make sure FITRIM minlen is rounded up to fs block size (git-fixes).
- gfs2: Special-case rindex for gfs2_grow (git-fixes).
- gfs2: Wake up when sd_glock_disposal becomes zero (git-fixes).
- gfs2: add validation checks for size of superblock (git-fixes).
- gfs2: assign rgrp glock before compute_bitstructs (git-fixes).
- gfs2: check for empty rgrp tree in gfs2_ri_update (git-fixes).
- gfs2: check for live vs. read-only file system in gfs2_fitrim (git-fixes).
- gfs2: clear buf_in_tr when ending a transaction in sweep_bh_for_rgrps (git-fixes).
- gfs2: fix use-after-free on transaction ail lists (git-fixes).
- gfs2: ignore negated quota changes (git-fixes).
- gfs2: initialize transaction tr_ailX_lists earlier (git-fixes).
- gfs2: report 'already frozen/thawed' errors (git-fixes).
- gfs2: take jdata unstuff into account in do_grow (git-fixes).
- gfs2_atomic_open(): fix O_EXCL|O_CREAT handling on cold dcache (git-fixes).
- gtp: change NET_UDP_TUNNEL dependency to select (git-fixes).
- help_next should increase position index (git-fixes).
- iomap: sub-block dio needs to zeroout beyond EOF (git-fixes).
- kernfs: Separate kernfs_pr_cont_buf and rename_lock (git-fixes).
- kernfs: bring names in comments in line with code (git-fixes).
- kernfs: fix use-after-free in __kernfs_remove (git-fixes).
- libceph: use kernel_connect() (bsc#1219446).
- libnvdimm/btt: Fix LBA masking during 'free list' population (git-fixes).
- libnvdimm/btt: Fix a kmemdup failure check (git-fixes).
- libnvdimm/btt: Remove unnecessary code in btt_freelist_init (git-fixes).
- libnvdimm/btt: fix variable 'rc' set but not used (git-fixes).
- libnvdimm/namespace: Fix a potential NULL pointer dereference (git-fixes).
- libnvdimm/of_pmem: Use devm_kstrdup instead of kstrdup and check its return value (git-fixes).
- libnvdimm/pmem: Delete include of nd-core.h (git-fixes).
- libnvdimm/pmem: fix a possible OOB access when read and write pmem (git-fixes).
- libnvdimm/region: Fix label activation vs errors (git-fixes).
- libnvdimm: Fix compilation warnings with W=1 (git-fixes).
- libnvdimm: Out of bounds read in __nd_ioctl() (git-fixes).
- libnvdimm: Validate command family indices (git-fixes).
- libnvdimm: cover up changes in struct nvdimm_bus_descriptor (git-fixes).
- locks: print a warning when mount fails due to lack of 'mand' support (git-fixes).
- mce: fix set_mce_nospec to always unmap the whole page (git-fixes).
- mlxsw: spectrum: Avoid -Wformat-truncation warnings (git-fixes).
- mlxsw: spectrum: Properly cleanup LAG uppers when removing port from LAG (git-fixes).
- mlxsw: spectrum: Set LAG port collector only when active (git-fixes).
- mm,mremap: bail out earlier in mremap_to under map pressure (bsc#1123986).
- net: (cpts) fix a missing check of clk_prepare (git-fixes).
- net: dsa: bcm_sf2: Propagate error value from mdio_write (git-fixes).
- net: dsa: mv88e6xxx: Work around mv886e6161 SERDES missing MII_PHYSID2 (git-fixes).
- net: dsa: mv88e6xxx: avoid error message on remove from VLAN 0 (git-fixed).
- net: dsa: qca8k: Enable delay for RGMII_ID mode (git-fixes).
- net: ethernet: ti: fix possible object reference leak (git-fixes).
- net: fec: Do not use netdev messages too early (git-fixes).
- net: ks8851: Delay requesting IRQ until opened (git-fixes).
- net: ks8851: Reassert reset pin if chip ID check fails (git-fixes).
- net: ks8851: Set initial carrier state to down (git-fixes).
- net: macb: Add null check for PCLK and HCLK (git-fixed).
- net: mv643xx_eth: disable clk on error path in mv643xx_eth_shared_probe() (git-fixes).
- net: phy: sfp: warn the user when no tx_disable pin is available (git-fixes).
- net: phylink: avoid resolving link state too early (git-fixes).
- net: sfp: do not probe SFP module before we're attached (git-fixes).
- net: stmmac: Disable EEE mode earlier in XMIT callback (git-fixes).
- net: stmmac: Fallback to Platform Data clock in Watchdog conversion (git-fixes).
- net: stmmac: do not overwrite discard_frame status (git-fixes).
- net: stmmac: dwmac-rk: fix error handling in rk_gmac_powerup() (git-fixes).
- net: stmmac: dwmac1000: Clear unused address entries (git-fixed).
- net: stmmac: dwmac1000: fix out-of-bounds mac address reg setting (git-fixes).
- net: stmmac: dwmac4/5: Clear unused address entries (git-fixes).
- net: systemport: Fix reception of BPDUs (git-fixes).
- net: xilinx: fix possible object reference leak (git-fixed).
- nfs: NFS 4.0 LOCK calls getting constant NFS4ERR_BAD_SEQID (bsc#1218968).
- nfsd: drop st_mutex and rp_mutex before calling move_to_close_lru() (bsc#1217525).
- nvdimm/btt: do not call del_gendisk() if not needed (git-fixes).
- nvdimm: Allow overwrite in the presence of disabled dimms (git-fixes).
- nvdimm: Fix badblocks clear off-by-one error (git-fixes).
- nvmet-tcp: fix a crash in nvmet_req_complete() (git-fixes).
- orangefs: Fix kmemleak in orangefs_prepare_debugfs_help_string() (git-fixes).
- orangefs: Fix sysfs not cleanup when dev init failed (git-fixes).
- orangefs: fix orangefs df output (git-fixes).
- orangefs: rate limit the client not running info message (git-fixes).
- powerpc/powernv: Add a null pointer check in opal_event_init() (bsc#1065729).
- powerpc/powernv: Add a null pointer check in opal_powercap_init() (bsc#1181674 ltc#189159 git-fixes).
- powerpc/pseries/memhotplug: Quieten some DLPAR operations (bsc#1065729).
- powerpc/pseries/memhp: Fix access beyond end of drmem array (bsc#1065729).
- powerpc: Do not clobber f0/vs0 during fp|altivec register save (bsc#1065729).
- preserve KABI for struct plat_stmmacenet_data (git-fixes).
- preserve KABI for struct sfp_socket_ops (git-fixes).
- proc: fix /proc/*/map_files lookup (git-fixes).
- pstore/ram: Check start of empty przs during init (git-fixes).
- pstore/ram: Fix error return code in ramoops_probe() (git-fixes).
- pstore/ram: Run without kernel crash dump region (git-fixes).
- pstore: Avoid kcore oops by vmap()ing with VM_IOREMAP (git-fixes).
- pstore: ram_core: fix possible overflow in persistent_ram_init_ecc() (git-fixes).
- reiserfs: Check the return value from __getblk() (git-fixes).
- reiserfs: Replace 1-element array with C99 style flex-array (git-fixes).
- s390/dasd: fix double module refcount decrement (bsc#1141539).
- scsi: qedf: fc_rport_priv reference counting fixes (bsc#1212152).
- scsi: qla0xxx: Fix system crash due to bad pointer access (git-fixes).
- sfc: initialise found bitmap in efx_ef10_mtd_probe (git-fixes).
- statfs: enforce statfs[64] structure initialization (git-fixes).
- tracing/trigger: Fix to return error if failed to alloc snapshot (git-fixes).
- usb: xhci: xhci-ring: Use sysdev for mapping bounce buffer (git-fixes).
- veth: Fixing transmit return status for dropped packets (git-fixes).
- vfs: make freeze_super abort when sync_filesystem returns error (git-fixes).
- writeback: Export inode_io_list_del() (bsc#1216989).
- x86/CPU/AMD: Check vendor in the AMD microcode callback (git-fixes).
- x86/alternatives: Sync core before enabling interrupts (git-fixes).
- x86/asm: Ensure asm/proto.h can be included stand-alone (git-fixes).
- x86/bugs: Add 'unknown' reporting for MMIO Stale Data (git-fixes).
- x86/build: Treat R_386_PLT32 relocation as R_386_PC32 (git-fixes).
- x86/build: Turn off -fcf-protection for realmode targets (git-fixes).
- x86/cpu/hygon: Fix the CPU topology evaluation for real (git-fixes).
- x86/cpu: Add another Alder Lake CPU to the Intel family (git-fixes).
- x86/fpu: Use _Alignof to avoid undefined behavior in TYPE_ALIGN (git-fixes).
- x86/kvm/lapic: always disable MMIO interface in x2APIC mode (git-fixes).
- x86/kvm: Do not try to disable kvmclock if it was not enabled (git-fixes).
- x86/lib: Fix overflow when counting digits (git-fixes).
- x86/mce: relocate set{clear}_mce_nospec() functions (git-fixes).
- x86/microcode/AMD: Track patch allocation size explicitly (git-fixes).
- x86/microcode/intel: Do not retry microcode reloading on the APs (git-fixes).
- x86/mm: Add a x86_has_pat_wp() helper (git-fixes).
- x86/pat: Fix x86_has_pat_wp() (git-fixes).
- x86/pat: Pass valid address to sanitize_phys() (git-fixes).
- x86/pm: Add enumeration check before spec MSRs save/restore setup (git-fixes).
- x86/pm: Fix false positive kmemleak report in msr_build_context() (git-fixes).
- x86/purgatory: Do not generate debug info for purgatory.ro (git-fixes).
- x86/resctrl: Fix to restore to original value when re-enabling hardware prefetch register (git-fixes).
- x86/topology: Fix duplicated core ID within a package (git-fixes).
- x86/topology: Fix multiple packages shown on a single-package system (git-fixes).
- x86/unwind/orc: Fix unreliable stack dump with gcov (git-fixes).
- x86/unwind/orc: Unwind ftrace trampolines with correct ORC entry (git-fixes).
- x86: Clear .brk area at early boot (git-fixes).
- x86: Fix __get_wchan() for !STACKTRACE (git-fixes).
- x86: Fix get_wchan() to support the ORC unwinder (git-fixes).
- x86: Mark stop_this_cpu() __noreturn (git-fixes).
- x86: Pin task-stack in __get_wchan() (git-fixes).
- x86: __always_inline __{rd,wr}msr() (git-fixes).
Patchnames: SUSE-2024-468,SUSE-SLE-RT-12-SP5-2024-468
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.5 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.162.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.162.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.4 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.162.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.162.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.162.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.162.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.7 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.162.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.162.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.162.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.162.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.7 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.162.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.162.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.4 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.162.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.162.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.1 (High)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.162.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.162.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.162.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.162.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.162.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
69 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2024-1086: Fixed a use-after-free vulnerability inside the nf_tables component that could have been exploited to achieve local privilege escalation (bsc#1219434).\n- CVE-2023-51780: Fixed a use-after-free in do_vcc_ioctl in net/atm/ioctl.c, because of a vcc_recvmsg race condition (bsc#1218730).\n- CVE-2023-46838: Fixed an issue with Xen netback processing of zero-length transmit fragment (bsc#1218836).\n- CVE-2021-33631: Fixed an integer overflow in ext4_write_inline_data_end() (bsc#1219412).\n- CVE-2023-47233: Fixed a use-after-free in the device unplugging (disconnect the USB by hotplug) code inside the brcm80211 component (bsc#1216702).\n- CVE-2023-51043: Fixed use-after-free during a race condition between a nonblocking atomic commit and a driver unload in drivers/gpu/drm/drm_atomic.c (bsc#1219120).\n- CVE-2024-0775: Fixed use-after-free in __ext4_remount in fs/ext4/super.c that could allow a local user to cause an information leak problem while freeing the old quota file names before a potential failure (bsc#1219053).\n- CVE-2023-6040: Fixed an out-of-bounds access vulnerability while creating a new netfilter table, lack of a safeguard against invalid nf_tables family (pf) values within `nf_tables_newtable` function (bsc#1218752).\n- CVE-2023-51782: Fixed use-after-free in rose_ioctl in net/rose/af_rose.c because of a rose_accept race condition (bsc#1218757).\n\nThe following non-security bugs were fixed:\n\n- 9p: missing chunk of \u0027fs/9p: Do not update file type when updating file attributes\u0027 (git-fixes).\n- ACPICA: Avoid cache flush inside virtual machines (git-fixes).\n- Fix build error in debug config\n- GFS2: Flush the GFS2 delete workqueue before stopping the kernel threads (git-fixes).\n- KVM: s390: vsie: Fix STFLE interpretive execution identification (git-fixes bsc#1219022).\n- Limit kernel-source build to architectures for which the kernel binary is built (bsc#1108281).\n- UAPI: ndctl: Fix g++-unsupported initialisation in headers (git-fixes).\n- USB: serial: option: add Fibocom to DELL custom modem FM101R-GL (git-fixes).\n- USB: serial: option: add Telit LE910C4-WWX 0x1035 composition (git-fixes).\n- USB: serial: option: add entry for Sierra EM9191 with new firmware (git-fixes).\n- USB: serial: option: fix FM101R-GL defines (git-fixes).\n- acpi/nfit: Require opt-in for read-only label configurations (git-fixes).\n- acpi/nfit: improve bounds checking for \u0027func\u0027 (git-fixes).\n- affs: fix basic permission bits to actually work (git-fixes).\n- aio: fix mremap after fork null-deref (git-fixes).\n- asix: Add check for usbnet_get_endpoints (git-fixes).\n- ceph: fix incorrect revoked caps assert in ceph_fill_file_size() (bsc#1219445).\n- chardev: fix error handling in cdev_device_add() (git-fixes).\n- configfs: fix a deadlock in configfs_symlink() (git-fixes).\n- configfs: fix a race in configfs_{,un}register_subsystem() (git-fixes).\n- configfs: fix a use-after-free in __configfs_open_file (git-fixes).\n- configfs: fix config_item refcnt leak in configfs_rmdir() (git-fixes).\n- configfs: fix memleak in configfs_release_bin_file (git-fixes).\n- configfs: new object reprsenting tree fragments (git-fixes).\n- configfs: provide exclusion between IO and removals (git-fixes).\n- configfs: stash the data we need into configfs_buffer at open time (git-fixes).\n- ext4: Avoid freeing inodes on dirty list (bsc#1216989).\n- ext4: silence the warning when evicting inode with dioread_nolock (bsc#1206889).\n- fat: add ratelimit to fat*_ent_bread() (git-fixes).\n- fs/exofs: fix potential memory leak in mount option parsing (git-fixes).\n- fs/fat/fatent.c: add cond_resched() to fat_count_free_clusters() (git-fixes).\n- fs/fat/file.c: issue flush after the writeback of FAT (git-fixes).\n- fs/file.c: initialize init_files.resize_wait (git-fixes).\n- fs: do not audit the capability check in simple_xattr_list() (git-fixes).\n- fs: ocfs2: namei: check return value of ocfs2_add_entry() (git-fixes).\n- fs: orangefs: fix error return code of orangefs_revalidate_lookup() (git-fixes).\n- fs: ratelimit __find_get_block_slow() failure message (git-fixes).\n- fs: warn about impending deprecation of mandatory locks (git-fixes).\n- gfs2: Allow lock_nolock mount to specify jid=X (git-fixes).\n- gfs2: Check sb_bsize_shift after reading superblock (git-fixes).\n- gfs2: Do not call dlm after protocol is unmounted (git-fixes).\n- gfs2: Do not set GFS2_RDF_UPTODATE when the lvb is updated (git-fixes).\n- gfs2: Do not skip dlm unlock if glock had an lvb (git-fixes).\n- gfs2: Fix inode height consistency check (git-fixes).\n- gfs2: Fix lru_count going negative (git-fixes).\n- gfs2: Fix marking bitmaps non-full (git-fixes).\n- gfs2: Fix possible data races in gfs2_show_options() (git-fixes).\n- gfs2: Fix sign extension bug in gfs2_update_stats (git-fixes).\n- gfs2: Fix use-after-free in gfs2_glock_shrink_scan (git-fixes).\n- gfs2: Free rd_bits later in gfs2_clear_rgrpd to fix use-after-free (git-fixes).\n- gfs2: Make sure FITRIM minlen is rounded up to fs block size (git-fixes).\n- gfs2: Special-case rindex for gfs2_grow (git-fixes).\n- gfs2: Wake up when sd_glock_disposal becomes zero (git-fixes).\n- gfs2: add validation checks for size of superblock (git-fixes).\n- gfs2: assign rgrp glock before compute_bitstructs (git-fixes).\n- gfs2: check for empty rgrp tree in gfs2_ri_update (git-fixes).\n- gfs2: check for live vs. read-only file system in gfs2_fitrim (git-fixes).\n- gfs2: clear buf_in_tr when ending a transaction in sweep_bh_for_rgrps (git-fixes).\n- gfs2: fix use-after-free on transaction ail lists (git-fixes).\n- gfs2: ignore negated quota changes (git-fixes).\n- gfs2: initialize transaction tr_ailX_lists earlier (git-fixes).\n- gfs2: report \u0027already frozen/thawed\u0027 errors (git-fixes).\n- gfs2: take jdata unstuff into account in do_grow (git-fixes).\n- gfs2_atomic_open(): fix O_EXCL|O_CREAT handling on cold dcache (git-fixes).\n- gtp: change NET_UDP_TUNNEL dependency to select (git-fixes).\n- help_next should increase position index (git-fixes).\n- iomap: sub-block dio needs to zeroout beyond EOF (git-fixes).\n- kernfs: Separate kernfs_pr_cont_buf and rename_lock (git-fixes).\n- kernfs: bring names in comments in line with code (git-fixes).\n- kernfs: fix use-after-free in __kernfs_remove (git-fixes).\n- libceph: use kernel_connect() (bsc#1219446).\n- libnvdimm/btt: Fix LBA masking during \u0027free list\u0027 population (git-fixes).\n- libnvdimm/btt: Fix a kmemdup failure check (git-fixes).\n- libnvdimm/btt: Remove unnecessary code in btt_freelist_init (git-fixes).\n- libnvdimm/btt: fix variable \u0027rc\u0027 set but not used (git-fixes).\n- libnvdimm/namespace: Fix a potential NULL pointer dereference (git-fixes).\n- libnvdimm/of_pmem: Use devm_kstrdup instead of kstrdup and check its return value (git-fixes).\n- libnvdimm/pmem: Delete include of nd-core.h (git-fixes).\n- libnvdimm/pmem: fix a possible OOB access when read and write pmem (git-fixes).\n- libnvdimm/region: Fix label activation vs errors (git-fixes).\n- libnvdimm: Fix compilation warnings with W=1 (git-fixes).\n- libnvdimm: Out of bounds read in __nd_ioctl() (git-fixes).\n- libnvdimm: Validate command family indices (git-fixes).\n- libnvdimm: cover up changes in struct nvdimm_bus_descriptor (git-fixes).\n- locks: print a warning when mount fails due to lack of \u0027mand\u0027 support (git-fixes).\n- mce: fix set_mce_nospec to always unmap the whole page (git-fixes).\n- mlxsw: spectrum: Avoid -Wformat-truncation warnings (git-fixes).\n- mlxsw: spectrum: Properly cleanup LAG uppers when removing port from LAG (git-fixes).\n- mlxsw: spectrum: Set LAG port collector only when active (git-fixes).\n- mm,mremap: bail out earlier in mremap_to under map pressure (bsc#1123986).\n- net: (cpts) fix a missing check of clk_prepare (git-fixes).\n- net: dsa: bcm_sf2: Propagate error value from mdio_write (git-fixes).\n- net: dsa: mv88e6xxx: Work around mv886e6161 SERDES missing MII_PHYSID2 (git-fixes).\n- net: dsa: mv88e6xxx: avoid error message on remove from VLAN 0 (git-fixed).\n- net: dsa: qca8k: Enable delay for RGMII_ID mode (git-fixes).\n- net: ethernet: ti: fix possible object reference leak (git-fixes).\n- net: fec: Do not use netdev messages too early (git-fixes).\n- net: ks8851: Delay requesting IRQ until opened (git-fixes).\n- net: ks8851: Reassert reset pin if chip ID check fails (git-fixes).\n- net: ks8851: Set initial carrier state to down (git-fixes).\n- net: macb: Add null check for PCLK and HCLK (git-fixed).\n- net: mv643xx_eth: disable clk on error path in mv643xx_eth_shared_probe() (git-fixes).\n- net: phy: sfp: warn the user when no tx_disable pin is available (git-fixes).\n- net: phylink: avoid resolving link state too early (git-fixes).\n- net: sfp: do not probe SFP module before we\u0027re attached (git-fixes).\n- net: stmmac: Disable EEE mode earlier in XMIT callback (git-fixes).\n- net: stmmac: Fallback to Platform Data clock in Watchdog conversion (git-fixes).\n- net: stmmac: do not overwrite discard_frame status (git-fixes).\n- net: stmmac: dwmac-rk: fix error handling in rk_gmac_powerup() (git-fixes).\n- net: stmmac: dwmac1000: Clear unused address entries (git-fixed).\n- net: stmmac: dwmac1000: fix out-of-bounds mac address reg setting (git-fixes).\n- net: stmmac: dwmac4/5: Clear unused address entries (git-fixes).\n- net: systemport: Fix reception of BPDUs (git-fixes).\n- net: xilinx: fix possible object reference leak (git-fixed).\n- nfs: NFS 4.0 LOCK calls getting constant NFS4ERR_BAD_SEQID (bsc#1218968).\n- nfsd: drop st_mutex and rp_mutex before calling move_to_close_lru() (bsc#1217525).\n- nvdimm/btt: do not call del_gendisk() if not needed (git-fixes).\n- nvdimm: Allow overwrite in the presence of disabled dimms (git-fixes).\n- nvdimm: Fix badblocks clear off-by-one error (git-fixes).\n- nvmet-tcp: fix a crash in nvmet_req_complete() (git-fixes).\n- orangefs: Fix kmemleak in orangefs_prepare_debugfs_help_string() (git-fixes).\n- orangefs: Fix sysfs not cleanup when dev init failed (git-fixes).\n- orangefs: fix orangefs df output (git-fixes).\n- orangefs: rate limit the client not running info message (git-fixes).\n- powerpc/powernv: Add a null pointer check in opal_event_init() (bsc#1065729).\n- powerpc/powernv: Add a null pointer check in opal_powercap_init() (bsc#1181674 ltc#189159 git-fixes).\n- powerpc/pseries/memhotplug: Quieten some DLPAR operations (bsc#1065729).\n- powerpc/pseries/memhp: Fix access beyond end of drmem array (bsc#1065729).\n- powerpc: Do not clobber f0/vs0 during fp|altivec register save (bsc#1065729).\n- preserve KABI for struct plat_stmmacenet_data (git-fixes).\n- preserve KABI for struct sfp_socket_ops (git-fixes).\n- proc: fix /proc/*/map_files lookup (git-fixes).\n- pstore/ram: Check start of empty przs during init (git-fixes).\n- pstore/ram: Fix error return code in ramoops_probe() (git-fixes).\n- pstore/ram: Run without kernel crash dump region (git-fixes).\n- pstore: Avoid kcore oops by vmap()ing with VM_IOREMAP (git-fixes).\n- pstore: ram_core: fix possible overflow in persistent_ram_init_ecc() (git-fixes).\n- reiserfs: Check the return value from __getblk() (git-fixes).\n- reiserfs: Replace 1-element array with C99 style flex-array (git-fixes).\n- s390/dasd: fix double module refcount decrement (bsc#1141539).\n- scsi: qedf: fc_rport_priv reference counting fixes (bsc#1212152). \n- scsi: qla0xxx: Fix system crash due to bad pointer access (git-fixes).\n- sfc: initialise found bitmap in efx_ef10_mtd_probe (git-fixes).\n- statfs: enforce statfs[64] structure initialization (git-fixes).\n- tracing/trigger: Fix to return error if failed to alloc snapshot (git-fixes).\n- usb: xhci: xhci-ring: Use sysdev for mapping bounce buffer (git-fixes).\n- veth: Fixing transmit return status for dropped packets (git-fixes).\n- vfs: make freeze_super abort when sync_filesystem returns error (git-fixes).\n- writeback: Export inode_io_list_del() (bsc#1216989). \n- x86/CPU/AMD: Check vendor in the AMD microcode callback (git-fixes).\n- x86/alternatives: Sync core before enabling interrupts (git-fixes).\n- x86/asm: Ensure asm/proto.h can be included stand-alone (git-fixes).\n- x86/bugs: Add \u0027unknown\u0027 reporting for MMIO Stale Data (git-fixes).\n- x86/build: Treat R_386_PLT32 relocation as R_386_PC32 (git-fixes).\n- x86/build: Turn off -fcf-protection for realmode targets (git-fixes).\n- x86/cpu/hygon: Fix the CPU topology evaluation for real (git-fixes).\n- x86/cpu: Add another Alder Lake CPU to the Intel family (git-fixes).\n- x86/fpu: Use _Alignof to avoid undefined behavior in TYPE_ALIGN (git-fixes).\n- x86/kvm/lapic: always disable MMIO interface in x2APIC mode (git-fixes).\n- x86/kvm: Do not try to disable kvmclock if it was not enabled (git-fixes).\n- x86/lib: Fix overflow when counting digits (git-fixes).\n- x86/mce: relocate set{clear}_mce_nospec() functions (git-fixes).\n- x86/microcode/AMD: Track patch allocation size explicitly (git-fixes).\n- x86/microcode/intel: Do not retry microcode reloading on the APs (git-fixes).\n- x86/mm: Add a x86_has_pat_wp() helper (git-fixes).\n- x86/pat: Fix x86_has_pat_wp() (git-fixes).\n- x86/pat: Pass valid address to sanitize_phys() (git-fixes).\n- x86/pm: Add enumeration check before spec MSRs save/restore setup (git-fixes).\n- x86/pm: Fix false positive kmemleak report in msr_build_context() (git-fixes).\n- x86/purgatory: Do not generate debug info for purgatory.ro (git-fixes).\n- x86/resctrl: Fix to restore to original value when re-enabling hardware prefetch register (git-fixes).\n- x86/topology: Fix duplicated core ID within a package (git-fixes).\n- x86/topology: Fix multiple packages shown on a single-package system (git-fixes).\n- x86/unwind/orc: Fix unreliable stack dump with gcov (git-fixes).\n- x86/unwind/orc: Unwind ftrace trampolines with correct ORC entry (git-fixes).\n- x86: Clear .brk area at early boot (git-fixes).\n- x86: Fix __get_wchan() for !STACKTRACE (git-fixes).\n- x86: Fix get_wchan() to support the ORC unwinder (git-fixes).\n- x86: Mark stop_this_cpu() __noreturn (git-fixes).\n- x86: Pin task-stack in __get_wchan() (git-fixes).\n- x86: __always_inline __{rd,wr}msr() (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2024-468,SUSE-SLE-RT-12-SP5-2024-468",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_0468-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2024:0468-1",
"url": "https://www.suse.com/support/update/announcement/2024/suse-su-20240468-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2024:0468-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-February/017914.html"
},
{
"category": "self",
"summary": "SUSE Bug 1065729",
"url": "https://bugzilla.suse.com/1065729"
},
{
"category": "self",
"summary": "SUSE Bug 1108281",
"url": "https://bugzilla.suse.com/1108281"
},
{
"category": "self",
"summary": "SUSE Bug 1123986",
"url": "https://bugzilla.suse.com/1123986"
},
{
"category": "self",
"summary": "SUSE Bug 1141539",
"url": "https://bugzilla.suse.com/1141539"
},
{
"category": "self",
"summary": "SUSE Bug 1181674",
"url": "https://bugzilla.suse.com/1181674"
},
{
"category": "self",
"summary": "SUSE Bug 1206889",
"url": "https://bugzilla.suse.com/1206889"
},
{
"category": "self",
"summary": "SUSE Bug 1212152",
"url": "https://bugzilla.suse.com/1212152"
},
{
"category": "self",
"summary": "SUSE Bug 1216702",
"url": "https://bugzilla.suse.com/1216702"
},
{
"category": "self",
"summary": "SUSE Bug 1216989",
"url": "https://bugzilla.suse.com/1216989"
},
{
"category": "self",
"summary": "SUSE Bug 1217525",
"url": "https://bugzilla.suse.com/1217525"
},
{
"category": "self",
"summary": "SUSE Bug 1218713",
"url": "https://bugzilla.suse.com/1218713"
},
{
"category": "self",
"summary": "SUSE Bug 1218730",
"url": "https://bugzilla.suse.com/1218730"
},
{
"category": "self",
"summary": "SUSE Bug 1218752",
"url": "https://bugzilla.suse.com/1218752"
},
{
"category": "self",
"summary": "SUSE Bug 1218757",
"url": "https://bugzilla.suse.com/1218757"
},
{
"category": "self",
"summary": "SUSE Bug 1218768",
"url": "https://bugzilla.suse.com/1218768"
},
{
"category": "self",
"summary": "SUSE Bug 1218836",
"url": "https://bugzilla.suse.com/1218836"
},
{
"category": "self",
"summary": "SUSE Bug 1218968",
"url": "https://bugzilla.suse.com/1218968"
},
{
"category": "self",
"summary": "SUSE Bug 1219022",
"url": "https://bugzilla.suse.com/1219022"
},
{
"category": "self",
"summary": "SUSE Bug 1219053",
"url": "https://bugzilla.suse.com/1219053"
},
{
"category": "self",
"summary": "SUSE Bug 1219120",
"url": "https://bugzilla.suse.com/1219120"
},
{
"category": "self",
"summary": "SUSE Bug 1219412",
"url": "https://bugzilla.suse.com/1219412"
},
{
"category": "self",
"summary": "SUSE Bug 1219434",
"url": "https://bugzilla.suse.com/1219434"
},
{
"category": "self",
"summary": "SUSE Bug 1219445",
"url": "https://bugzilla.suse.com/1219445"
},
{
"category": "self",
"summary": "SUSE Bug 1219446",
"url": "https://bugzilla.suse.com/1219446"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-33631 page",
"url": "https://www.suse.com/security/cve/CVE-2021-33631/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-46838 page",
"url": "https://www.suse.com/security/cve/CVE-2023-46838/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-47233 page",
"url": "https://www.suse.com/security/cve/CVE-2023-47233/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-51043 page",
"url": "https://www.suse.com/security/cve/CVE-2023-51043/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-51780 page",
"url": "https://www.suse.com/security/cve/CVE-2023-51780/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-51782 page",
"url": "https://www.suse.com/security/cve/CVE-2023-51782/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6040 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6040/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-0775 page",
"url": "https://www.suse.com/security/cve/CVE-2024-0775/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-1086 page",
"url": "https://www.suse.com/security/cve/CVE-2024-1086/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2024-02-14T12:19:13Z",
"generator": {
"date": "2024-02-14T12:19:13Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2024:0468-1",
"initial_release_date": "2024-02-14T12:19:13Z",
"revision_history": [
{
"date": "2024-02-14T12:19:13Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-rt-4.12.14-10.162.1.noarch",
"product": {
"name": "kernel-devel-rt-4.12.14-10.162.1.noarch",
"product_id": "kernel-devel-rt-4.12.14-10.162.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-rt-4.12.14-10.162.1.noarch",
"product": {
"name": "kernel-source-rt-4.12.14-10.162.1.noarch",
"product_id": "kernel-source-rt-4.12.14-10.162.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-rt-4.12.14-10.162.1.x86_64",
"product": {
"name": "cluster-md-kmp-rt-4.12.14-10.162.1.x86_64",
"product_id": "cluster-md-kmp-rt-4.12.14-10.162.1.x86_64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-rt_debug-4.12.14-10.162.1.x86_64",
"product": {
"name": "cluster-md-kmp-rt_debug-4.12.14-10.162.1.x86_64",
"product_id": "cluster-md-kmp-rt_debug-4.12.14-10.162.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt-4.12.14-10.162.1.x86_64",
"product": {
"name": "dlm-kmp-rt-4.12.14-10.162.1.x86_64",
"product_id": "dlm-kmp-rt-4.12.14-10.162.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt_debug-4.12.14-10.162.1.x86_64",
"product": {
"name": "dlm-kmp-rt_debug-4.12.14-10.162.1.x86_64",
"product_id": "dlm-kmp-rt_debug-4.12.14-10.162.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt-4.12.14-10.162.1.x86_64",
"product": {
"name": "gfs2-kmp-rt-4.12.14-10.162.1.x86_64",
"product_id": "gfs2-kmp-rt-4.12.14-10.162.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt_debug-4.12.14-10.162.1.x86_64",
"product": {
"name": "gfs2-kmp-rt_debug-4.12.14-10.162.1.x86_64",
"product_id": "gfs2-kmp-rt_debug-4.12.14-10.162.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-4.12.14-10.162.1.x86_64",
"product": {
"name": "kernel-rt-4.12.14-10.162.1.x86_64",
"product_id": "kernel-rt-4.12.14-10.162.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-base-4.12.14-10.162.1.x86_64",
"product": {
"name": "kernel-rt-base-4.12.14-10.162.1.x86_64",
"product_id": "kernel-rt-base-4.12.14-10.162.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-4.12.14-10.162.1.x86_64",
"product": {
"name": "kernel-rt-devel-4.12.14-10.162.1.x86_64",
"product_id": "kernel-rt-devel-4.12.14-10.162.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-extra-4.12.14-10.162.1.x86_64",
"product": {
"name": "kernel-rt-extra-4.12.14-10.162.1.x86_64",
"product_id": "kernel-rt-extra-4.12.14-10.162.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-kgraft-devel-4.12.14-10.162.1.x86_64",
"product": {
"name": "kernel-rt-kgraft-devel-4.12.14-10.162.1.x86_64",
"product_id": "kernel-rt-kgraft-devel-4.12.14-10.162.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-4.12.14-10.162.1.x86_64",
"product": {
"name": "kernel-rt_debug-4.12.14-10.162.1.x86_64",
"product_id": "kernel-rt_debug-4.12.14-10.162.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-base-4.12.14-10.162.1.x86_64",
"product": {
"name": "kernel-rt_debug-base-4.12.14-10.162.1.x86_64",
"product_id": "kernel-rt_debug-base-4.12.14-10.162.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-devel-4.12.14-10.162.1.x86_64",
"product": {
"name": "kernel-rt_debug-devel-4.12.14-10.162.1.x86_64",
"product_id": "kernel-rt_debug-devel-4.12.14-10.162.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-extra-4.12.14-10.162.1.x86_64",
"product": {
"name": "kernel-rt_debug-extra-4.12.14-10.162.1.x86_64",
"product_id": "kernel-rt_debug-extra-4.12.14-10.162.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-kgraft-devel-4.12.14-10.162.1.x86_64",
"product": {
"name": "kernel-rt_debug-kgraft-devel-4.12.14-10.162.1.x86_64",
"product_id": "kernel-rt_debug-kgraft-devel-4.12.14-10.162.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-rt-4.12.14-10.162.1.x86_64",
"product": {
"name": "kernel-syms-rt-4.12.14-10.162.1.x86_64",
"product_id": "kernel-syms-rt-4.12.14-10.162.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt-4.12.14-10.162.1.x86_64",
"product": {
"name": "kselftests-kmp-rt-4.12.14-10.162.1.x86_64",
"product_id": "kselftests-kmp-rt-4.12.14-10.162.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt_debug-4.12.14-10.162.1.x86_64",
"product": {
"name": "kselftests-kmp-rt_debug-4.12.14-10.162.1.x86_64",
"product_id": "kselftests-kmp-rt_debug-4.12.14-10.162.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt-4.12.14-10.162.1.x86_64",
"product": {
"name": "ocfs2-kmp-rt-4.12.14-10.162.1.x86_64",
"product_id": "ocfs2-kmp-rt-4.12.14-10.162.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt_debug-4.12.14-10.162.1.x86_64",
"product": {
"name": "ocfs2-kmp-rt_debug-4.12.14-10.162.1.x86_64",
"product_id": "ocfs2-kmp-rt_debug-4.12.14-10.162.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Real Time 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-linux-enterprise-rt:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-rt-4.12.14-10.162.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.162.1.x86_64"
},
"product_reference": "cluster-md-kmp-rt-4.12.14-10.162.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-rt-4.12.14-10.162.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.162.1.x86_64"
},
"product_reference": "dlm-kmp-rt-4.12.14-10.162.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-rt-4.12.14-10.162.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.162.1.x86_64"
},
"product_reference": "gfs2-kmp-rt-4.12.14-10.162.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-rt-4.12.14-10.162.1.noarch as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.162.1.noarch"
},
"product_reference": "kernel-devel-rt-4.12.14-10.162.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-4.12.14-10.162.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.162.1.x86_64"
},
"product_reference": "kernel-rt-4.12.14-10.162.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-base-4.12.14-10.162.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.162.1.x86_64"
},
"product_reference": "kernel-rt-base-4.12.14-10.162.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-4.12.14-10.162.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.162.1.x86_64"
},
"product_reference": "kernel-rt-devel-4.12.14-10.162.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-4.12.14-10.162.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.162.1.x86_64"
},
"product_reference": "kernel-rt_debug-4.12.14-10.162.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-devel-4.12.14-10.162.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.162.1.x86_64"
},
"product_reference": "kernel-rt_debug-devel-4.12.14-10.162.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-4.12.14-10.162.1.noarch as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.162.1.noarch"
},
"product_reference": "kernel-source-rt-4.12.14-10.162.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-rt-4.12.14-10.162.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.162.1.x86_64"
},
"product_reference": "kernel-syms-rt-4.12.14-10.162.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-rt-4.12.14-10.162.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.162.1.x86_64"
},
"product_reference": "ocfs2-kmp-rt-4.12.14-10.162.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-33631",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-33631"
}
],
"notes": [
{
"category": "general",
"text": "Integer Overflow or Wraparound vulnerability in openEuler kernel on Linux (filesystem modules) allows Forced Integer Overflow.This issue affects openEuler kernel: from 4.19.90 before 4.19.90-2401.3, from 5.10.0-60.18.0 before 5.10.0-183.0.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.162.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.162.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.162.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-33631",
"url": "https://www.suse.com/security/cve/CVE-2021-33631"
},
{
"category": "external",
"summary": "SUSE Bug 1219412 for CVE-2021-33631",
"url": "https://bugzilla.suse.com/1219412"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.162.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.162.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.162.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.162.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.162.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.162.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-02-14T12:19:13Z",
"details": "moderate"
}
],
"title": "CVE-2021-33631"
},
{
"cve": "CVE-2023-46838",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-46838"
}
],
"notes": [
{
"category": "general",
"text": "Transmit requests in Xen\u0027s virtual network protocol can consist of\nmultiple parts. While not really useful, except for the initial part\nany of them may be of zero length, i.e. carry no data at all. Besides a\ncertain initial portion of the to be transferred data, these parts are\ndirectly translated into what Linux calls SKB fragments. Such converted\nrequest parts can, when for a particular SKB they are all of length\nzero, lead to a de-reference of NULL in core networking code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.162.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.162.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.162.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-46838",
"url": "https://www.suse.com/security/cve/CVE-2023-46838"
},
{
"category": "external",
"summary": "SUSE Bug 1218836 for CVE-2023-46838",
"url": "https://bugzilla.suse.com/1218836"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.162.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.162.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.162.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.162.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.162.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.162.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-02-14T12:19:13Z",
"details": "moderate"
}
],
"title": "CVE-2023-46838"
},
{
"cve": "CVE-2023-47233",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-47233"
}
],
"notes": [
{
"category": "general",
"text": "The brcm80211 component in the Linux kernel through 6.5.10 has a brcmf_cfg80211_detach use-after-free in the device unplugging (disconnect the USB by hotplug) code. For physically proximate attackers with local access, this \"could be exploited in a real world scenario.\" This is related to brcmf_cfg80211_escan_timeout_worker in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.162.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.162.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.162.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-47233",
"url": "https://www.suse.com/security/cve/CVE-2023-47233"
},
{
"category": "external",
"summary": "SUSE Bug 1216702 for CVE-2023-47233",
"url": "https://bugzilla.suse.com/1216702"
},
{
"category": "external",
"summary": "SUSE Bug 1224592 for CVE-2023-47233",
"url": "https://bugzilla.suse.com/1224592"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.162.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.162.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.162.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.162.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.162.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.162.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-02-14T12:19:13Z",
"details": "moderate"
}
],
"title": "CVE-2023-47233"
},
{
"cve": "CVE-2023-51043",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-51043"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 6.4.5, drivers/gpu/drm/drm_atomic.c has a use-after-free during a race condition between a nonblocking atomic commit and a driver unload.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.162.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.162.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.162.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-51043",
"url": "https://www.suse.com/security/cve/CVE-2023-51043"
},
{
"category": "external",
"summary": "SUSE Bug 1219120 for CVE-2023-51043",
"url": "https://bugzilla.suse.com/1219120"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.162.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.162.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.162.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.162.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.162.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.162.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-02-14T12:19:13Z",
"details": "moderate"
}
],
"title": "CVE-2023-51043"
},
{
"cve": "CVE-2023-51780",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-51780"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 6.6.8. do_vcc_ioctl in net/atm/ioctl.c has a use-after-free because of a vcc_recvmsg race condition.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.162.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.162.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.162.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-51780",
"url": "https://www.suse.com/security/cve/CVE-2023-51780"
},
{
"category": "external",
"summary": "SUSE Bug 1218730 for CVE-2023-51780",
"url": "https://bugzilla.suse.com/1218730"
},
{
"category": "external",
"summary": "SUSE Bug 1218733 for CVE-2023-51780",
"url": "https://bugzilla.suse.com/1218733"
},
{
"category": "external",
"summary": "SUSE Bug 1220191 for CVE-2023-51780",
"url": "https://bugzilla.suse.com/1220191"
},
{
"category": "external",
"summary": "SUSE Bug 1221578 for CVE-2023-51780",
"url": "https://bugzilla.suse.com/1221578"
},
{
"category": "external",
"summary": "SUSE Bug 1221598 for CVE-2023-51780",
"url": "https://bugzilla.suse.com/1221598"
},
{
"category": "external",
"summary": "SUSE Bug 1224298 for CVE-2023-51780",
"url": "https://bugzilla.suse.com/1224298"
},
{
"category": "external",
"summary": "SUSE Bug 1224878 for CVE-2023-51780",
"url": "https://bugzilla.suse.com/1224878"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.162.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.162.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.162.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.162.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.162.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.162.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-02-14T12:19:13Z",
"details": "important"
}
],
"title": "CVE-2023-51780"
},
{
"cve": "CVE-2023-51782",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-51782"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 6.6.8. rose_ioctl in net/rose/af_rose.c has a use-after-free because of a rose_accept race condition.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.162.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.162.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.162.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-51782",
"url": "https://www.suse.com/security/cve/CVE-2023-51782"
},
{
"category": "external",
"summary": "SUSE Bug 1218757 for CVE-2023-51782",
"url": "https://bugzilla.suse.com/1218757"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.162.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.162.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.162.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.162.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.162.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.162.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-02-14T12:19:13Z",
"details": "moderate"
}
],
"title": "CVE-2023-51782"
},
{
"cve": "CVE-2023-6040",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6040"
}
],
"notes": [
{
"category": "general",
"text": "An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 (netfilter: nf_tables: Reject tables of unsupported family); While creating a new netfilter table, lack of a safeguard against invalid nf_tables family (pf) values within `nf_tables_newtable` function enables an attacker to achieve out-of-bounds access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.162.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.162.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.162.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6040",
"url": "https://www.suse.com/security/cve/CVE-2023-6040"
},
{
"category": "external",
"summary": "SUSE Bug 1218752 for CVE-2023-6040",
"url": "https://bugzilla.suse.com/1218752"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.162.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.162.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.162.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.162.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.162.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.162.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-02-14T12:19:13Z",
"details": "moderate"
}
],
"title": "CVE-2023-6040"
},
{
"cve": "CVE-2024-0775",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-0775"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free flaw was found in the __ext4_remount in fs/ext4/super.c in ext4 in the Linux kernel. This flaw allows a local user to cause an information leak problem while freeing the old quota file names before a potential failure, leading to a use-after-free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.162.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.162.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.162.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-0775",
"url": "https://www.suse.com/security/cve/CVE-2024-0775"
},
{
"category": "external",
"summary": "SUSE Bug 1219053 for CVE-2024-0775",
"url": "https://bugzilla.suse.com/1219053"
},
{
"category": "external",
"summary": "SUSE Bug 1219082 for CVE-2024-0775",
"url": "https://bugzilla.suse.com/1219082"
},
{
"category": "external",
"summary": "SUSE Bug 1224298 for CVE-2024-0775",
"url": "https://bugzilla.suse.com/1224298"
},
{
"category": "external",
"summary": "SUSE Bug 1224878 for CVE-2024-0775",
"url": "https://bugzilla.suse.com/1224878"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.162.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.162.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.162.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.162.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.162.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.162.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-02-14T12:19:13Z",
"details": "important"
}
],
"title": "CVE-2024-0775"
},
{
"cve": "CVE-2024-1086",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-1086"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability in the Linux kernel\u0027s netfilter: nf_tables component can be exploited to achieve local privilege escalation.\n\nThe nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cause a double free vulnerability when NF_DROP is issued with a drop error which resembles NF_ACCEPT.\n\nWe recommend upgrading past commit f342de4e2f33e0e39165d8639387aa6c19dff660.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.162.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.162.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.162.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-1086",
"url": "https://www.suse.com/security/cve/CVE-2024-1086"
},
{
"category": "external",
"summary": "SUSE Bug 1219434 for CVE-2024-1086",
"url": "https://bugzilla.suse.com/1219434"
},
{
"category": "external",
"summary": "SUSE Bug 1219435 for CVE-2024-1086",
"url": "https://bugzilla.suse.com/1219435"
},
{
"category": "external",
"summary": "SUSE Bug 1224298 for CVE-2024-1086",
"url": "https://bugzilla.suse.com/1224298"
},
{
"category": "external",
"summary": "SUSE Bug 1224878 for CVE-2024-1086",
"url": "https://bugzilla.suse.com/1224878"
},
{
"category": "external",
"summary": "SUSE Bug 1226066 for CVE-2024-1086",
"url": "https://bugzilla.suse.com/1226066"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.162.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.162.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.162.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.162.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.162.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.162.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.162.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-02-14T12:19:13Z",
"details": "important"
}
],
"title": "CVE-2024-1086"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…