Msrc Azl3 Kernel 6.6.29.1-4 On Azure Linux 3.0 vulnerabilities

CVE-2023-6915 [MEDIUM] CWE-476 Kernel: null pointer dereference vulnerability in ida_free in lib/idr.c Kernel: null pointer dereference vulnerability in ida_free in lib/idr.c FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the o

CVE-2024-0607 [MEDIUM] CWE-229 Kernel: nf_tables: pointer math issue in nft_byteorder_eval() Kernel: nf_tables: pointer math issue in nft_byteorder_eval() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries

CVE-2023-6932 [HIGH] CWE-416 Use-after-free in Linux kernel's ipv4: igmp component Use-after-free in Linux kernel's ipv4: igmp component FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the di

CVE-2023-6111 [HIGH] CWE-416 Use-after-free in Linux kernel's netfilter: nf_tables component Use-after-free in Linux kernel's netfilter: nf_tables component FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source librari

CVE-2020-27815 [HIGH] CWE-119 A flaw was found in the JFS filesystem code in the Linux Kernel which allows a local attacker with the ability to set extended attributes to panic the system causing memory corruption or escalating pr A flaw was found in the JFS filesystem code in the Linux Kernel which allows a local attacker with the ability to set extended attributes to panic the system causing memory corruption or escalating privileges. The highest threat from this vulnerability is to confidenti

CVE-2019-3016 [MEDIUM] CWE-362 In a Linux KVM guest that has PV TLB enabled a process in the guest kernel may be able to read memory locations from another process in the same guest. This problem is limit to the host running linux In a Linux KVM guest that has PV TLB enabled a process in the guest kernel may be able to read memory locations from another process in the same guest. This problem is limit to the host running linux kernel 4.10 with a guest running linux kernel 4.16 or later. The pro