Msrc Azl3 Kernel 6.6.57.1-7 On Azure Linux 3.0 vulnerabilities

CVE-2024-53150 [HIGH] ALSA: usb-audio: Fix out of bounds reads when finding clock sources ALSA: usb-audio: Fix out of bounds reads when finding clock sources FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source librar

CVE-2024-53156 [HIGH] CWE-129 wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the op

CVE-2024-53141 [HIGH] netfilter: ipset: add missing range check in bitmap_ip_uadt netfilter: ipset: add missing range check in bitmap_ip_uadt FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which t

CVE-2024-56538 [HIGH] drm: zynqmp_kms: Unplug DRM device before removal drm: zynqmp_kms: Unplug DRM device before removal FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is compose

CVE-2024-56704 [HIGH] 9p/xen: fix release of IRQ 9p/xen: fix release of IRQ FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in t

CVE-2024-53227 [HIGH] CWE-416 scsi: bfa: Fix use-after-free in bfad_im_module_exit() scsi: bfa: Fix use-after-free in bfad_im_module_exit() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the

CVE-2024-53155 [HIGH] CWE-908 ocfs2: fix uninitialized value in ocfs2_file_read_iter() ocfs2: fix uninitialized value in ocfs2_file_read_iter() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which

CVE-2024-53185 [MEDIUM] smb: client: fix NULL ptr deref in crypto_aead_setkey() smb: client: fix NULL ptr deref in crypto_aead_setkey() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the dis

CVE-2024-53108 [HIGH] drm/amd/display: Adjust VSDB parser for replay feature drm/amd/display: Adjust VSDB parser for replay feature FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro

CVE-2024-53208 [HIGH] Bluetooth: MGMT: Fix slab-use-after-free Read in set_powered_sync Bluetooth: MGMT: Fix slab-use-after-free Read in set_powered_sync FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries

CVE-2024-56708 [HIGH] CWE-415 EDAC/igen6: Avoid segmentation fault on module unload EDAC/igen6: Avoid segmentation fault on module unload FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the d

CVE-2024-53213 [HIGH] CWE-415 net: usb: lan78xx: Fix double free issue with interrupt buffer allocation net: usb: lan78xx: Fix double free issue with interrupt buffer allocation FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of th

CVE-2024-53126 [HIGH] vdpa: solidrun: Fix UB bug with devres vdpa: solidrun: Fix UB bug with devres FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is commit

CVE-2024-53237 [HIGH] Bluetooth: fix use-after-free in device_for_each_child() Bluetooth: fix use-after-free in device_for_each_child() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the dis

CVE-2024-53103 [HIGH] hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source

CVE-2024-53171 [HIGH] CWE-416 ubifs: authentication: Fix use-after-free in ubifs_tnc_end_commit ubifs: authentication: Fix use-after-free in ubifs_tnc_end_commit FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source li

CVE-2024-56581 [HIGH] CWE-416 btrfs: ref-verify: fix use-after-free after invalid ref action btrfs: ref-verify: fix use-after-free after invalid ref action FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source librarie

CVE-2024-53139 [HIGH] CWE-416 sctp: fix possible UAF in sctp_v6_available() sctp: fix possible UAF in sctp_v6_available() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is compose

CVE-2024-56551 [HIGH] CWE-416 drm/amdgpu: fix usage slab after free drm/amdgpu: fix usage slab after free FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is

CVE-2024-53173 [HIGH] NFSv4.0: Fix a use-after-free problem in the asynchronous open() NFSv4.0: Fix a use-after-free problem in the asynchronous open() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries wi