Msrc Azl3 Kernel 6.6.64.2-9 On Azure Linux 3.0 vulnerabilities

CVE-2025-21687 [HIGH] CWE-125 vfio/platform: check the bounds of read/write syscalls vfio/platform: check the bounds of read/write syscalls FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the

CVE-2024-57980 [HIGH] media: uvcvideo: Fix double free in error path media: uvcvideo: Fix double free in error path FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Mic

CVE-2024-57951 [HIGH] CWE-416 hrtimers: Handle CPU state correctly on hotplug hrtimers: Handle CPU state correctly on hotplug FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is com

CVE-2025-21743 [HIGH] CWE-125 usbnet: ipheth: fix possible overflow in DPE length check usbnet: ipheth: fix possible overflow in DPE length check FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with whi

CVE-2025-21692 [HIGH] CWE-129 net: sched: fix ets qdisc OOB Indexing net: sched: fix ets qdisc OOB Indexing FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft i

CVE-2024-58007 [HIGH] CWE-125 soc: qcom: socinfo: Avoid out of bounds read of serial number soc: qcom: socinfo: Avoid out of bounds read of serial number FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries

CVE-2025-21741 [HIGH] CWE-125 usbnet: ipheth: fix DPE OoB read usbnet: ipheth: fix DPE OoB read FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed

CVE-2025-21742 [HIGH] usbnet: ipheth: use static NDP16 location in URB usbnet: ipheth: use static NDP16 location in URB FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed.

CVE-2025-21718 [HIGH] CWE-362 net: rose: fix timer races against user threads net: rose: fix timer races against user threads FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is com

CVE-2025-21735 [HIGH] NFC: nci: Add bounds checking in nci_hci_create_pipe() NFC: nci: Add bounds checking in nci_hci_create_pipe() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro

CVE-2025-21694 [MEDIUM] fs/proc: fix softlockup in __read_vmcore (part 2) fs/proc: fix softlockup in __read_vmcore (part 2) FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is compo

CVE-2025-21744 [MEDIUM] wifi: brcmfmac: fix NULL pointer dereference in brcmf_txfinalize() wifi: brcmfmac: fix NULL pointer dereference in brcmf_txfinalize() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source librar

CVE-2025-21689 [MEDIUM] CWE-476 USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb() USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open sou

CVE-2024-57981 [MEDIUM] CWE-476 usb: xhci: Fix NULL pointer dereference on certain command aborts usb: xhci: Fix NULL pointer dereference on certain command aborts FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source

CVE-2025-21707 [MEDIUM] mptcp: consolidate suboption status mptcp: consolidate suboption status FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed

CVE-2024-57949 [MEDIUM] CWE-667 irqchip/gic-v3-its: Don't enable interrupts in its_irq_set_vcpu_affinity() irqchip/gic-v3-its: Don't enable interrupts in its_irq_set_vcpu_affinity() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions o

CVE-2025-21736 [MEDIUM] CWE-190 nilfs2: fix possible int overflows in nilfs_fiemap() nilfs2: fix possible int overflows in nilfs_fiemap() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the d

CVE-2025-21711 [MEDIUM] CWE-190 net/rose: prevent integer overflows in rose_setsockopt() net/rose: prevent integer overflows in rose_setsockopt() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with whi

CVE-2024-58010 [MEDIUM] CWE-190 binfmt_flat: Fix integer overflow bug on 32 bit systems binfmt_flat: Fix integer overflow bug on 32 bit systems FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which

CVE-2025-21699 [MEDIUM] gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with