Msrc Azl3 Kernel 6.6.82.1-1 On Azure Linux 3.0 vulnerabilities

CVE-2025-21967 [HIGH] ksmbd: fix use-after-free in ksmbd_free_work_struct ksmbd: fix use-after-free in ksmbd_free_work_struct FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is com

CVE-2025-21999 [HIGH] proc: fix UAF in proc_get_inode() proc: fix UAF in proc_get_inode() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to tra

CVE-2025-21979 [HIGH] wifi: cfg80211: cancel wiphy_work before freeing wiphy wifi: cfg80211: cancel wiphy_work before freeing wiphy FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro

CVE-2025-22004 [HIGH] CWE-416 net: atm: fix use after free in lec_send() net: atm: fix use after free in lec_send() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Mic

CVE-2025-21915 [HIGH] cdx: Fix possible UAF error in driver_override_show() cdx: Fix possible UAF error in driver_override_show() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is

CVE-2025-21934 [HIGH] CWE-416 rapidio: fix an API misues when rio_add_net() fails rapidio: fix an API misues when rio_add_net() fails FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distr

CVE-2025-21968 [HIGH] CWE-416 drm/amd/display: Fix slab-use-after-free on hdcp_work drm/amd/display: Fix slab-use-after-free on hdcp_work FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the d

CVE-2025-21920 [HIGH] CWE-125 vlan: enforce underlying device type vlan: enforce underlying device type FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is co

CVE-2025-21923 [HIGH] CWE-416 HID: hid-steam: Fix use-after-free when detaching device HID: hid-steam: Fix use-after-free when detaching device FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which

CVE-2025-21945 [HIGH] ksmbd: fix use-after-free in smb2_lock ksmbd: fix use-after-free in smb2_lock FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is commit

CVE-2025-21993 [HIGH] CWE-125 iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic() iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of th

CVE-2025-21928 [HIGH] HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source librarie

CVE-2025-21991 [HIGH] CWE-129 x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the

CVE-2025-21919 [HIGH] CWE-787 sched/fair: Fix potential memory corruption in child_cfs_rq_on_list sched/fair: Fix potential memory corruption in child_cfs_rq_on_list FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open sourc

CVE-2025-21980 [MEDIUM] CWE-476 sched: address a potential NULL pointer dereference in the GRED scheduler. sched: address a potential NULL pointer dereference in the GRED scheduler. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions o

CVE-2025-21951 [MEDIUM] CWE-667 bus: mhi: host: pci_generic: Use pci_try_reset_function() to avoid deadlock bus: mhi: host: pci_generic: Use pci_try_reset_function() to avoid deadlock FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions

CVE-2025-21922 [MEDIUM] ppp: Fix KMSAN uninit-value warning with bpf ppp: Fix KMSAN uninit-value warning with bpf FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Micro

CVE-2025-21918 [MEDIUM] CWE-476 usb: typec: ucsi: Fix NULL pointer access usb: typec: ucsi: Fix NULL pointer access FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Mic

CVE-2025-22001 [MEDIUM] accel/qaic: Fix integer overflow in qaic_validate_req() accel/qaic: Fix integer overflow in qaic_validate_req() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the dis

CVE-2025-21917 [MEDIUM] CWE-476 usb: renesas_usbhs: Flush the notify_hotplug_work usb: renesas_usbhs: Flush the notify_hotplug_work FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro