Msrc Azl3 Kernel 6.6.96.2-1 On Azure Linux 3.0 vulnerabilities

CVE-2025-38714 [HIGH] hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read() hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distr

CVE-2025-39732 [MEDIUM] wifi: ath11k: fix sleeping-in-atomic in ath11k_mac_op_set_bitrate_mask() wifi: ath11k: fix sleeping-in-atomic in ath11k_mac_op_set_bitrate_mask() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open s

CVE-2025-38699 [HIGH] scsi: bfa: Double-free fix scsi: bfa: Double-free fix FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in t

CVE-2025-39677 [MEDIUM] net/sched: Fix backlog accounting in qdisc_dequeue_internal net/sched: Fix backlog accounting in qdisc_dequeue_internal FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which

CVE-2025-38688 [HIGH] iommufd: Prevent ALIGN() overflow iommufd: Prevent ALIGN() overflow FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to tra

CVE-2025-38735 [MEDIUM] gve: prevent ethtool ops after shutdown gve: prevent ethtool ops after shutdown FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is co

CVE-2025-39673 [MEDIUM] ppp: fix race conditions in ppp_fill_forward_path ppp: fix race conditions in ppp_fill_forward_path FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is compo

CVE-2025-39702 [HIGH] ipv6: sr: Fix MAC comparison to be constant-time ipv6: sr: Fix MAC comparison to be constant-time FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed.

CVE-2025-38685 [HIGH] fbdev: Fix vmalloc out-of-bounds write in fast_imageblit fbdev: Fix vmalloc out-of-bounds write in fast_imageblit FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the dis

CVE-2025-38701 [MEDIUM] ext4: do not BUG when INLINE_DATA_FL lacks system.data xattr ext4: do not BUG when INLINE_DATA_FL lacks system.data xattr FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with whi

CVE-2025-39711 [HIGH] CWE-416 media: ivsc: Fix crash at shutdown due to missing mei_cldev_disable() calls media: ivsc: Fix crash at shutdown due to missing mei_cldev_disable() calls FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions o

CVE-2025-39721 [MEDIUM] crypto: qat - flush misc workqueue during device shutdown crypto: qat - flush misc workqueue during device shutdown FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the

CVE-2025-39703 [MEDIUM] net, hsr: reject HSR frame if skb can't hold tag net, hsr: reject HSR frame if skb can't hold tag FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is compose

CVE-2025-38718 [HIGH] CWE-908 sctp: linearize cloned gso packets in sctp_rcv sctp: linearize cloned gso packets in sctp_rcv FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is compo

CVE-2025-39683 [HIGH] tracing: Limit access to parser->buffer when trace_get_user failed tracing: Limit access to parser->buffer when trace_get_user failed FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source librarie

CVE-2025-39689 [HIGH] ftrace: Also allocate and copy hash for reading of filter files ftrace: Also allocate and copy hash for reading of filter files FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with

CVE-2025-38702 [HIGH] fbdev: fix potential buffer overflow in do_register_framebuffer() fbdev: fix potential buffer overflow in do_register_framebuffer() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries

CVE-2025-38697 [HIGH] jfs: upper bound check of tree index in dbAllocAG jfs: upper bound check of tree index in dbAllocAG FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is compose

CVE-2025-38680 [HIGH] CWE-125 media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format() media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open sou

CVE-2025-38692 [MEDIUM] exfat: add cluster chain loop check for dir exfat: add cluster chain loop check for dir FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microso