Msrc Azl3 Kernel 6.6.51.1-1 On Azure Linux 3.0 vulnerabilities

CVE-2024-44983 [HIGH] CWE-908 netfilter: flowtable: validate vlan header netfilter: flowtable: validate vlan header FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Mic

CVE-2024-46674 [HIGH] CWE-416 usb: dwc3: st: fix probed platform device ref count on probe error path usb: dwc3: st: fix probed platform device ref count on probe error path FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the op

CVE-2024-45026 [HIGH] CWE-787 s390/dasd: fix error recovery leading to data corruption on ESE devices s390/dasd: fix error recovery leading to data corruption on ESE devices FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the op

CVE-2024-44998 [HIGH] CWE-416 atm: idt77252: prevent use after free in dequeue_rx() atm: idt77252: prevent use after free in dequeue_rx() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the d

CVE-2024-44999 [HIGH] CWE-908 gtp: pull network headers in gtp_dev_xmit() gtp: pull network headers in gtp_dev_xmit() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. M

CVE-2024-44997 [HIGH] CWE-416 net: ethernet: mtk_wed: fix use-after-free panic in mtk_wed_setup_tc_block_cb() net: ethernet: mtk_wed: fix use-after-free panic in mtk_wed_setup_tc_block_cb() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure ve

CVE-2024-44974 [HIGH] CWE-416 mptcp: pm: avoid possible UaF when selecting endp mptcp: pm: avoid possible UaF when selecting endp FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is

CVE-2024-44987 [HIGH] CWE-416 ipv6: prevent UAF in ip6_send_skb() ipv6: prevent UAF in ip6_send_skb() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is comm

CVE-2024-44985 [HIGH] CWE-416 ipv6: prevent possible UAF in ip6_xmit() ipv6: prevent possible UAF in ip6_xmit() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microso

CVE-2024-46673 [HIGH] CWE-415 scsi: aacraid: Fix double-free on probe failure scsi: aacraid: Fix double-free on probe failure FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is com

CVE-2024-46687 [HIGH] CWE-415 btrfs: fix a use-after-free when hitting errors inside btrfs_submit_chunk() btrfs: fix a use-after-free when hitting errors inside btrfs_submit_chunk() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions o

CVE-2024-44986 [HIGH] CWE-416 ipv6: fix possible UAF in ip6_finish_output2() ipv6: fix possible UAF in ip6_finish_output2() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is compo

CVE-2024-45022 [MEDIUM] CWE-787 mm/vmalloc: fix page mapping if vm_area_alloc_pages() with high order fallback to order 0 mm/vmalloc: fix page mapping if vm_area_alloc_pages() with high order fallback to order 0 FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most rec

CVE-2024-45025 [MEDIUM] CWE-787 fix bitmap corruption on close_range() with CLOSE_RANGE_UNSHARE fix bitmap corruption on close_range() with CLOSE_RANGE_UNSHARE FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libr

CVE-2024-45020 [MEDIUM] CWE-787 bpf: Fix a kernel verifier crash in stacksafe() bpf: Fix a kernel verifier crash in stacksafe() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is c

CVE-2024-44995 [MEDIUM] CWE-667 net: hns3: fix a deadlock problem when config TC during resetting net: hns3: fix a deadlock problem when config TC during resetting FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source

CVE-2024-44990 [MEDIUM] CWE-476 bonding: fix null pointer deref in bond_ipsec_offload_ok bonding: fix null pointer deref in bond_ipsec_offload_ok FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with whi

CVE-2024-46672 [MEDIUM] CWE-476 wifi: brcmfmac: cfg80211: Handle SSID based pmksa deletion wifi: brcmfmac: cfg80211: Handle SSID based pmksa deletion FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with

CVE-2024-45030 [MEDIUM] CWE-787 igb: cope with large MAX_SKB_FRAGS igb: cope with large MAX_SKB_FRAGS FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is comm

CVE-2024-45012 [MEDIUM] CWE-770 nouveau/firmware: use dma non-coherent allocator nouveau/firmware: use dma non-coherent allocator FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is