Msrc Azl3 Kernel 6.6.57.1-1 On Azure Linux 3.0 vulnerabilities

CVE-2024-50035 [HIGH] CWE-908 ppp: fix ppp_async_encode() illegal access ppp: fix ppp_async_encode() illegal access FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Mic

CVE-2024-50059 [HIGH] CWE-416 ntb: ntb_hw_switchtec: Fix use after free vulnerability in switchtec_ntb_remove due to race condition ntb: ntb_hw_switchtec: Fix use after free vulnerability in switchtec_ntb_remove due to race condition FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to

CVE-2024-50029 [HIGH] CWE-416 Bluetooth: hci_conn: Fix UAF in hci_enhanced_setup_sync Bluetooth: hci_conn: Fix UAF in hci_enhanced_setup_sync FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which t

CVE-2024-50033 [HIGH] CWE-908 slip: make slhc_remember() more robust against malicious packets slip: make slhc_remember() more robust against malicious packets FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libr

CVE-2024-50047 [HIGH] CWE-416 smb: client: fix UAF in async decryption smb: client: fix UAF in async decryption FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microso

CVE-2024-50055 [HIGH] CWE-415 driver core: bus: Fix double free in driver API bus_register() driver core: bus: Fix double free in driver API bus_register() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source librarie

CVE-2024-50036 [HIGH] net: do not delay dst_entries_add() in dst_release() net: do not delay dst_entries_add() in dst_release() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is c

CVE-2024-50061 [HIGH] CWE-416 i3c: master: cdns: Fix use after free vulnerability in cdns_i3c_master Driver Due to Race Condition i3c: master: cdns: Fix use after free vulnerability in cdns_i3c_master Driver Due to Race Condition FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date

CVE-2024-50026 [MEDIUM] scsi: wd33c93: Don't use stale scsi_pointer value scsi: wd33c93: Don't use stale scsi_pointer value FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is compo

CVE-2024-50064 [MEDIUM] CWE-401 zram: free secondary algorithms names zram: free secondary algorithms names FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft i

CVE-2024-50045 [MEDIUM] CWE-476 netfilter: br_netfilter: fix panic with metadata_dst skb netfilter: br_netfilter: fix panic with metadata_dst skb FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with whi

CVE-2024-50041 [MEDIUM] CWE-401 i40e: Fix macvlan leak by synchronizing access to mac_filter_hash i40e: Fix macvlan leak by synchronizing access to mac_filter_hash FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source

CVE-2024-50058 [MEDIUM] CWE-476 serial: protect uart_port_dtr_rts() in uart_shutdown() too serial: protect uart_port_dtr_rts() in uart_shutdown() too FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with

CVE-2024-50046 [MEDIUM] CWE-476 NFSv4: Prevent NULL-pointer dereference in nfs42_complete_copies() NFSv4: Prevent NULL-pointer dereference in nfs42_complete_copies() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open sourc

CVE-2024-50038 [MEDIUM] netfilter: xtables: avoid NFPROTO_UNSPEC where needed netfilter: xtables: avoid NFPROTO_UNSPEC where needed FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro

CVE-2024-50024 [MEDIUM] net: Fix an unsafe loop on the list net: Fix an unsafe loop on the list FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed

CVE-2024-50019 [MEDIUM] kthread: unpark only parked kthread kthread: unpark only parked kthread FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed

CVE-2024-50049 [MEDIUM] CWE-476 drm/amd/display: Check null pointer before dereferencing se drm/amd/display: Check null pointer before dereferencing se FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries wi

CVE-2024-50032 [MEDIUM] rcu/nocb: Fix rcuog wake-up from offline softirq rcu/nocb: Fix rcuog wake-up from offline softirq FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is compose

CVE-2024-50062 [MEDIUM] CWE-476 RDMA/rtrs-srv: Avoid null pointer deref during path establishment RDMA/rtrs-srv: Avoid null pointer deref during path establishment FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source