Msrc Azl3 Kernel 6.6.64.2-1 On Azure Linux 3.0 vulnerabilities

CVE-2024-53150 [HIGH] ALSA: usb-audio: Fix out of bounds reads when finding clock sources ALSA: usb-audio: Fix out of bounds reads when finding clock sources FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source librar

CVE-2024-53156 [HIGH] CWE-129 wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the op

CVE-2024-53141 [HIGH] netfilter: ipset: add missing range check in bitmap_ip_uadt netfilter: ipset: add missing range check in bitmap_ip_uadt FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which t

CVE-2024-56538 [HIGH] drm: zynqmp_kms: Unplug DRM device before removal drm: zynqmp_kms: Unplug DRM device before removal FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is compose

CVE-2024-56704 [HIGH] 9p/xen: fix release of IRQ 9p/xen: fix release of IRQ FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in t

CVE-2024-53227 [HIGH] CWE-416 scsi: bfa: Fix use-after-free in bfad_im_module_exit() scsi: bfa: Fix use-after-free in bfad_im_module_exit() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the

CVE-2024-53185 [MEDIUM] smb: client: fix NULL ptr deref in crypto_aead_setkey() smb: client: fix NULL ptr deref in crypto_aead_setkey() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the dis

CVE-2024-53108 [HIGH] drm/amd/display: Adjust VSDB parser for replay feature drm/amd/display: Adjust VSDB parser for replay feature FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro

CVE-2024-53208 [HIGH] Bluetooth: MGMT: Fix slab-use-after-free Read in set_powered_sync Bluetooth: MGMT: Fix slab-use-after-free Read in set_powered_sync FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries

CVE-2024-53213 [HIGH] CWE-415 net: usb: lan78xx: Fix double free issue with interrupt buffer allocation net: usb: lan78xx: Fix double free issue with interrupt buffer allocation FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of th

CVE-2024-53126 [HIGH] vdpa: solidrun: Fix UB bug with devres vdpa: solidrun: Fix UB bug with devres FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is commit

CVE-2024-53237 [HIGH] Bluetooth: fix use-after-free in device_for_each_child() Bluetooth: fix use-after-free in device_for_each_child() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the dis

CVE-2024-53103 [HIGH] hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source

CVE-2024-56581 [HIGH] CWE-416 btrfs: ref-verify: fix use-after-free after invalid ref action btrfs: ref-verify: fix use-after-free after invalid ref action FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source librarie

CVE-2024-53139 [HIGH] CWE-416 sctp: fix possible UAF in sctp_v6_available() sctp: fix possible UAF in sctp_v6_available() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is compose

CVE-2024-56551 [HIGH] CWE-416 drm/amdgpu: fix usage slab after free drm/amdgpu: fix usage slab after free FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is

CVE-2024-53173 [HIGH] NFSv4.0: Fix a use-after-free problem in the asynchronous open() NFSv4.0: Fix a use-after-free problem in the asynchronous open() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries wi

CVE-2024-53166 [HIGH] CWE-416 block, bfq: fix bfqq uaf in bfq_limit_depth() block, bfq: fix bfqq uaf in bfq_limit_depth() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is compose

CVE-2024-53165 [HIGH] sh: intc: Fix use-after-free bug in register_intc_controller() sh: intc: Fix use-after-free bug in register_intc_controller() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with w

CVE-2024-53210 [MEDIUM] s390/iucv: MSG_PEEK causes memory leak in iucv_sock_destruct() s390/iucv: MSG_PEEK causes memory leak in iucv_sock_destruct() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with