Msrc Azl3 Kernel 6.6.92.2-2 On Azure Linux 3.0 vulnerabilities

CVE-2025-38180 [HIGH] net: atm: fix /proc/net/atm/lec handling net: atm: fix /proc/net/atm/lec handling FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is co

CVE-2025-38200 [MEDIUM] i40e: fix MMIO write access to an invalid page in i40e_clear_hw i40e: fix MMIO write access to an invalid page in i40e_clear_hw FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries wi

CVE-2025-38204 [HIGH] CWE-125 jfs: fix array-index-out-of-bounds read in add_missing_indices jfs: fix array-index-out-of-bounds read in add_missing_indices FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source librarie

CVE-2025-38230 [HIGH] jfs: validate AG parameters in dbMount() to prevent crashes jfs: validate AG parameters in dbMount() to prevent crashes FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which t

CVE-2025-38194 [MEDIUM] jffs2: check that raw node were preallocated before writing summary jffs2: check that raw node were preallocated before writing summary FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libr

CVE-2025-38244 [MEDIUM] smb: client: fix potential deadlock when reconnecting channels smb: client: fix potential deadlock when reconnecting channels FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with

CVE-2025-38170 [MEDIUM] arm64/fpsimd: Discard stale CPU state when handling SME traps arm64/fpsimd: Discard stale CPU state when handling SME traps FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with w

CVE-2025-38283 [MEDIUM] hisi_acc_vfio_pci: bugfix live migration function without VF device driver hisi_acc_vfio_pci: bugfix live migration function without VF device driver FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the op

CVE-2025-38229 [MEDIUM] media: cxusb: no longer judge rbuf when the write fails media: cxusb: no longer judge rbuf when the write fails FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the dis

CVE-2025-38157 [HIGH] wifi: ath9k_htc: Abort software beacon handling if disabled wifi: ath9k_htc: Abort software beacon handling if disabled FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which t

CVE-2025-38193 [MEDIUM] net_sched: sch_sfq: reject invalid perturb period net_sched: sch_sfq: reject invalid perturb period FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is compo

CVE-2025-38286 [HIGH] pinctrl: at91: Fix possible out-of-boundary access pinctrl: at91: Fix possible out-of-boundary access FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is compo

CVE-2025-38212 [HIGH] ipc: fix to protect IPCS lookups using RCU ipc: fix to protect IPCS lookups using RCU FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft i

CVE-2025-38183 [HIGH] CWE-787 net: lan743x: fix potential out-of-bounds write in lan743x_ptp_io_event_clock_get() net: lan743x: fix potential out-of-bounds write in lan743x_ptp_io_event_clock_get() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most s

CVE-2025-38146 [HIGH] net: openvswitch: Fix the dead loop of MPLS parse net: openvswitch: Fix the dead loop of MPLS parse FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is compose

CVE-2025-38259 [HIGH] ASoC: codecs: wcd9335: Fix missing free of regulator supplies ASoC: codecs: wcd9335: Fix missing free of regulator supplies FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with whi

CVE-2025-38159 [HIGH] CWE-125 wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open

CVE-2025-38111 [HIGH] CWE-125 net/mdiobus: Fix potential out-of-bounds read/write access net/mdiobus: Fix potential out-of-bounds read/write access FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with w

CVE-2025-38363 [MEDIUM] drm/tegra: Fix a possible null pointer dereference drm/tegra: Fix a possible null pointer dereference FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is com

CVE-2025-38292 [HIGH] wifi: ath12k: fix invalid access to memory wifi: ath12k: fix invalid access to memory FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft i