Msrc Azl3 Kernel 6.6.56.1-5 On Azure Linux 3.0 vulnerabilities

CVE-2024-47685 [CRITICAL] CWE-908 netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put() netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with

CVE-2024-47686 [HIGH] CWE-193 ep93xx: clock: Fix off by one in ep93xx_div_recalc_rate() ep93xx: clock: Fix off by one in ep93xx_div_recalc_rate() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with whi

CVE-2024-50035 [HIGH] CWE-908 ppp: fix ppp_async_encode() illegal access ppp: fix ppp_async_encode() illegal access FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Mic

CVE-2024-47697 [HIGH] CWE-787 drivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error drivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the op

CVE-2024-47750 [HIGH] CWE-416 RDMA/hns: Fix Use-After-Free of rsv_qp on HIP08 RDMA/hns: Fix Use-After-Free of rsv_qp on HIP08 FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is com

CVE-2024-50059 [HIGH] CWE-416 ntb: ntb_hw_switchtec: Fix use after free vulnerability in switchtec_ntb_remove due to race condition ntb: ntb_hw_switchtec: Fix use after free vulnerability in switchtec_ntb_remove due to race condition FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to

CVE-2024-47719 [HIGH] CWE-787 iommufd: Protect against overflow of ALIGN() during iova allocation iommufd: Protect against overflow of ALIGN() during iova allocation FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open sourc

CVE-2024-49862 [HIGH] CWE-193 powercap: intel_rapl: Fix off by one in get_rpi() powercap: intel_rapl: Fix off by one in get_rpi() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is

CVE-2024-50029 [HIGH] CWE-416 Bluetooth: hci_conn: Fix UAF in hci_enhanced_setup_sync Bluetooth: hci_conn: Fix UAF in hci_enhanced_setup_sync FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which t

CVE-2024-50033 [HIGH] CWE-908 slip: make slhc_remember() more robust against malicious packets slip: make slhc_remember() more robust against malicious packets FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libr

CVE-2024-47682 [HIGH] CWE-193 scsi: sd: Fix off-by-one error in sd_read_block_characteristics() scsi: sd: Fix off-by-one error in sd_read_block_characteristics() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source li

CVE-2024-49853 [HIGH] CWE-415 firmware: arm_scmi: Fix double free in OPTEE transport firmware: arm_scmi: Fix double free in OPTEE transport FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the

CVE-2024-47723 [HIGH] CWE-125 jfs: fix out-of-bounds in dbNextAG() and diAlloc() jfs: fix out-of-bounds in dbNextAG() and diAlloc() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro

CVE-2024-49855 [HIGH] CWE-416 nbd: fix race between timeout and normal completion nbd: fix race between timeout and normal completion FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distr

CVE-2024-47741 [HIGH] CWE-362 btrfs: fix race setting file private on concurrent lseek using same fd btrfs: fix race setting file private on concurrent lseek using same fd FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open

CVE-2024-47742 [HIGH] CWE-22 firmware_loader: Block path traversal firmware_loader: Block path traversal FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is c

CVE-2024-49860 [HIGH] CWE-843 ACPI: sysfs: validate return type of _STR method ACPI: sysfs: validate return type of _STR method FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is c

CVE-2024-47751 [HIGH] CWE-120 PCI: kirin: Fix buffer overflow in kirin_pcie_parse_port() PCI: kirin: Fix buffer overflow in kirin_pcie_parse_port() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with w

CVE-2024-50047 [HIGH] CWE-416 smb: client: fix UAF in async decryption smb: client: fix UAF in async decryption FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microso

CVE-2024-49854 [HIGH] CWE-416 block bfq: fix uaf for accessing waker_bfqq after splitting block bfq: fix uaf for accessing waker_bfqq after splitting FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with