Msrc Azl3 Kernel 6.6.47.1-1 On Azure Linux 3.0 vulnerabilities

CVE-2024-46724 [HIGH] CWE-125 drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries wi

CVE-2024-44983 [HIGH] CWE-908 netfilter: flowtable: validate vlan header netfilter: flowtable: validate vlan header FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Mic

CVE-2024-46836 [HIGH] CWE-129 usb: gadget: aspeed_udc: validate endpoint index for ast udc usb: gadget: aspeed_udc: validate endpoint index for ast udc FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries wi

CVE-2024-46674 [HIGH] CWE-416 usb: dwc3: st: fix probed platform device ref count on probe error path usb: dwc3: st: fix probed platform device ref count on probe error path FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the op

CVE-2024-46845 [HIGH] CWE-416 tracing/timerlat: Only clear timer if a kthread exists tracing/timerlat: Only clear timer if a kthread exists FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the

CVE-2024-45026 [HIGH] CWE-787 s390/dasd: fix error recovery leading to data corruption on ESE devices s390/dasd: fix error recovery leading to data corruption on ESE devices FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the op

CVE-2024-46796 [HIGH] CWE-416 smb: client: fix double put of @cfile in smb2_set_path_size() smb: client: fix double put of @cfile in smb2_set_path_size() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries

CVE-2024-46818 [HIGH] CWE-129 drm/amd/display: Check gpio_id before used as array index drm/amd/display: Check gpio_id before used as array index FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with whi

CVE-2024-44998 [HIGH] CWE-416 atm: idt77252: prevent use after free in dequeue_rx() atm: idt77252: prevent use after free in dequeue_rx() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the d

CVE-2024-46786 [HIGH] CWE-416 fscache: delete fscache_cookie_lru_timer when fscache exits to avoid UAF fscache: delete fscache_cookie_lru_timer when fscache exits to avoid UAF FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the

CVE-2024-44999 [HIGH] CWE-908 gtp: pull network headers in gtp_dev_xmit() gtp: pull network headers in gtp_dev_xmit() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. M

CVE-2024-46814 [HIGH] CWE-129 drm/amd/display: Check msg_id before processing transcation drm/amd/display: Check msg_id before processing transcation FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with

CVE-2024-46746 [HIGH] CWE-416 HID: amd_sfh: free driver_data after destroying hid device HID: amd_sfh: free driver_data after destroying hid device FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with w

CVE-2024-46747 [HIGH] CWE-125 HID: cougar: fix slab-out-of-bounds Read in cougar_report_fixup HID: cougar: fix slab-out-of-bounds Read in cougar_report_fixup FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source librar

CVE-2024-46722 [HIGH] CWE-125 drm/amdgpu: fix mc_data out-of-bounds read warning drm/amdgpu: fix mc_data out-of-bounds read warning FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro

CVE-2024-46782 [HIGH] CWE-416 ila: call nf_unregister_net_hooks() sooner ila: call nf_unregister_net_hooks() sooner FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Mic

CVE-2024-46743 [HIGH] CWE-125 of/irq: Prevent device address out-of-bounds read in interrupt map walk of/irq: Prevent device address out-of-bounds read in interrupt map walk FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the op

CVE-2024-46831 [HIGH] CWE-416 net: microchip: vcap: Fix use-after-free error in kunit test net: microchip: vcap: Fix use-after-free error in kunit test FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries wi

CVE-2024-44997 [HIGH] CWE-416 net: ethernet: mtk_wed: fix use-after-free panic in mtk_wed_setup_tc_block_cb() net: ethernet: mtk_wed: fix use-after-free panic in mtk_wed_setup_tc_block_cb() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure ve

CVE-2024-46731 [HIGH] CWE-125 drm/amd/pm: fix the Out-of-bounds read warning drm/amd/pm: fix the Out-of-bounds read warning FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is compo