Msrc Azl3 Kernel 6.6.76.1-1 On Azure Linux 3.0 vulnerabilities

CVE-2024-57951 [HIGH] CWE-416 hrtimers: Handle CPU state correctly on hotplug hrtimers: Handle CPU state correctly on hotplug FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is com

CVE-2025-21692 [HIGH] CWE-129 net: sched: fix ets qdisc OOB Indexing net: sched: fix ets qdisc OOB Indexing FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft i

CVE-2025-21694 [MEDIUM] fs/proc: fix softlockup in __read_vmcore (part 2) fs/proc: fix softlockup in __read_vmcore (part 2) FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is compo

CVE-2024-57949 [MEDIUM] CWE-667 irqchip/gic-v3-its: Don't enable interrupts in its_irq_set_vcpu_affinity() irqchip/gic-v3-its: Don't enable interrupts in its_irq_set_vcpu_affinity() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions o

CVE-2025-21699 [MEDIUM] gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with

CVE-2025-21684 [MEDIUM] gpio: xilinx: Convert gpio_lock to raw spinlock gpio: xilinx: Convert gpio_lock to raw spinlock FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed.

CVE-2025-21690 [MEDIUM] CWE-770 scsi: storvsc: Ratelimit warning logs to prevent VM denial of service scsi: storvsc: Ratelimit warning logs to prevent VM denial of service FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open

CVE-2025-21697 [MEDIUM] drm/v3d: Ensure job pointer is set to NULL after job completion drm/v3d: Ensure job pointer is set to NULL after job completion FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries wi

CVE-2024-56640 [HIGH] net/smc: fix LGR and link use-after-free issue net/smc: fix LGR and link use-after-free issue FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Mic

CVE-2024-56658 [HIGH] CWE-416 net: defer final 'struct net' free in netns dismantle net: defer final 'struct net' free in netns dismantle FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the d

CVE-2024-56631 [HIGH] CWE-416 scsi: sg: Fix slab-use-after-free read in sg_release() scsi: sg: Fix slab-use-after-free read in sg_release() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the

CVE-2024-56675 [HIGH] bpf: Fix UAF via mismatching bpf_prog/attachment RCU flavors bpf: Fix UAF via mismatching bpf_prog/attachment RCU flavors FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which

CVE-2024-56651 [HIGH] CWE-416 can: hi311x: hi3110_can_ist(): fix potential use-after-free can: hi311x: hi3110_can_ist(): fix potential use-after-free FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with

CVE-2024-56582 [HIGH] CWE-416 btrfs: fix use-after-free in btrfs_encoded_read_endio() btrfs: fix use-after-free in btrfs_encoded_read_endio() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which t

CVE-2024-56653 [HIGH] Bluetooth: btmtk: avoid UAF in btmtk_process_coredump Bluetooth: btmtk: avoid UAF in btmtk_process_coredump FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is

CVE-2024-56663 [HIGH] CWE-193 wifi: nl80211: fix NL80211_ATTR_MLO_LINK_ID off-by-one wifi: nl80211: fix NL80211_ATTR_MLO_LINK_ID off-by-one FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the

CVE-2024-56602 [HIGH] CWE-416 net: ieee802154: do not leave a dangling sk pointer in ieee802154_create() net: ieee802154: do not leave a dangling sk pointer in ieee802154_create() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of

CVE-2024-56623 [MEDIUM] scsi: qla2xxx: Fix use after free on unload scsi: qla2xxx: Fix use after free on unload FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microso

CVE-2024-56601 [HIGH] net: inet: do not leave a dangling sk pointer in inet_create() net: inet: do not leave a dangling sk pointer in inet_create() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with w

CVE-2024-56603 [HIGH] CWE-416 net: af_can: do not leave a dangling sk pointer in can_create() net: af_can: do not leave a dangling sk pointer in can_create() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source librar