Msrc Azl3 Kernel 6.6.79.1-1 On Azure Linux 3.0 vulnerabilities

CVE-2025-21780 [HIGH] CWE-120 drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table() drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source

CVE-2025-21782 [HIGH] CWE-125 orangefs: fix a oob in orangefs_debug_write orangefs: fix a oob in orangefs_debug_write FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. M

CVE-2025-21785 [HIGH] CWE-787 arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source librarie

CVE-2025-21789 [HIGH] CWE-125 LoongArch: csum: Fix OoB access in IP checksum code for negative lengths LoongArch: csum: Fix OoB access in IP checksum code for negative lengths FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the

CVE-2025-21794 [HIGH] CWE-125 HID: hid-thrustmaster: fix stack-out-of-bounds read in usb_check_int_endpoints() HID: hid-thrustmaster: fix stack-out-of-bounds read in usb_check_int_endpoints() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure

CVE-2025-21787 [MEDIUM] team: better TEAM_OPTION_TYPE_STRING validation team: better TEAM_OPTION_TYPE_STRING validation FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed.

CVE-2025-21790 [MEDIUM] CWE-476 vxlan: check vxlan_vnigroup_init() return value vxlan: check vxlan_vnigroup_init() return value FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is c

CVE-2024-58020 [MEDIUM] CWE-476 HID: multitouch: Add NULL check in mt_input_configured HID: multitouch: Add NULL check in mt_input_configured FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which t

CVE-2025-21776 [MEDIUM] USB: hub: Ignore non-compliant devices with too many configs or interfaces USB: hub: Ignore non-compliant devices with too many configs or interfaces FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the op

CVE-2025-21779 [MEDIUM] KVM: x86: Reject Hyper-V's SEND_IPI hypercalls if local APIC isn't in-kernel KVM: x86: Reject Hyper-V's SEND_IPI hypercalls if local APIC isn't in-kernel FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of th

CVE-2025-21792 [MEDIUM] ax25: Fix refcount leak caused by setting SO_BINDTODEVICE sockopt ax25: Fix refcount leak caused by setting SO_BINDTODEVICE sockopt FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source librarie

CVE-2025-21793 [MEDIUM] spi: sn-f-ospi: Fix division by zero spi: sn-f-ospi: Fix division by zero FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committe

CVE-2025-21773 [MEDIUM] CWE-476 can: etas_es58x: fix potential NULL pointer dereference on udev->serial can: etas_es58x: fix potential NULL pointer dereference on udev->serial FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the

CVE-2024-57834 [MEDIUM] CWE-476 media: vidtv: Fix a null-ptr-deref in vidtv_mux_stop_thread media: vidtv: Fix a null-ptr-deref in vidtv_mux_stop_thread FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries wi

CVE-2025-21775 [MEDIUM] CWE-476 can: ctucanfd: handle skb allocation failure can: ctucanfd: handle skb allocation failure FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is compose

CVE-2025-21783 [MEDIUM] CWE-476 gpiolib: Fix crash on error in gpiochip_get_ngpios() gpiolib: Fix crash on error in gpiochip_get_ngpios() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the d

CVE-2024-49919 [MEDIUM] CWE-476 drm/amd/display: Add null check for head_pipe in dcn201_acquire_free_pipe_for_layer drm/amd/display: Add null check for head_pipe in dcn201_acquire_free_pipe_for_layer FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most

CVE-2024-49923 [MEDIUM] CWE-476 drm/amd/display: Pass non-null to dcn20_validate_apply_pipe_split_flags drm/amd/display: Pass non-null to dcn20_validate_apply_pipe_split_flags FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the

CVE-2023-52585 [MEDIUM] CWE-476 drm/amdgpu: Fix possible NULL dereference in amdgpu_ras_query_error_status_helper() drm/amdgpu: Fix possible NULL dereference in amdgpu_ras_query_error_status_helper() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most