Msrc Azl3 Kernel 6.6.96.2-2 On Azure Linux 3.0 vulnerabilities

CVE-2025-39968 [CRITICAL] i40e: add max boundary check for VF filters i40e: add max boundary check for VF filters FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Micro

CVE-2025-39996 [CRITICAL] media: b2c2: Fix use-after-free causing by irq_check_work in flexcop_pci_remove media: b2c2: Fix use-after-free causing by irq_check_work in flexcop_pci_remove FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versio

CVE-2025-39978 [CRITICAL] octeontx2-pf: Fix potential use after free in otx2_tc_add_flow() octeontx2-pf: Fix potential use after free in otx2_tc_add_flow() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source librarie

CVE-2025-39973 [CRITICAL] i40e: add validation for ring_len param i40e: add validation for ring_len param FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is

CVE-2025-39970 [CRITICAL] i40e: fix input validation logic for action_meta i40e: fix input validation logic for action_meta FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is compo

CVE-2025-39985 [CRITICAL] can: mcba_usb: populate ndo_change_mtu() to prevent buffer overflow can: mcba_usb: populate ndo_change_mtu() to prevent buffer overflow FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source li

CVE-2025-39972 [CRITICAL] i40e: fix idx validation in i40e_validate_queue_map i40e: fix idx validation in i40e_validate_queue_map FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is

CVE-2025-39967 [HIGH] fbcon: fix integer overflow in fbcon_do_set_font fbcon: fix integer overflow in fbcon_do_set_font FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed.

CVE-2025-39994 [CRITICAL] media: tuner: xc5000: Fix use-after-free in xc5000_release media: tuner: xc5000: Fix use-after-free in xc5000_release FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which

CVE-2025-39925 [MEDIUM] can: j1939: implement NETDEV_UNREGISTER notification handler can: j1939: implement NETDEV_UNREGISTER notification handler FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with whi

CVE-2025-39898 [CRITICAL] e1000e: fix heap overflow in e1000_set_eeprom e1000e: fix heap overflow in e1000_set_eeprom FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. M

CVE-2025-40000 [CRITICAL] wifi: rtw89: fix use-after-free in rtw89_core_tx_kick_off_and_wait() wifi: rtw89: fix use-after-free in rtw89_core_tx_kick_off_and_wait() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source

CVE-2025-39910 [MEDIUM] CWE-667 mm/vmalloc, mm/kasan: respect gfp mask in kasan_populate_vmalloc() mm/vmalloc, mm/kasan: respect gfp mask in kasan_populate_vmalloc() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open sourc

CVE-2025-39943 [HIGH] ksmbd: smbdirect: validate data_offset and data_length field of smb_direct_data_transfer ksmbd: smbdirect: validate data_offset and data_length field of smb_direct_data_transfer FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most

CVE-2025-39907 [MEDIUM] mtd: rawnand: stm32_fmc2: avoid overlapping mappings on ECC buffer mtd: rawnand: stm32_fmc2: avoid overlapping mappings on ECC buffer FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source librar

CVE-2025-39971 [CRITICAL] i40e: fix idx validation in config queues msg i40e: fix idx validation in config queues msg FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. M

CVE-2025-39986 [CRITICAL] can: sun4i_can: populate ndo_change_mtu() to prevent buffer overflow can: sun4i_can: populate ndo_change_mtu() to prevent buffer overflow FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source

CVE-2025-39944 [HIGH] CWE-416 octeontx2-pf: Fix use-after-free bugs in otx2_sync_tstamp() octeontx2-pf: Fix use-after-free bugs in otx2_sync_tstamp() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with

CVE-2025-39980 [HIGH] nexthop: Forbid FDB status change while nexthop is in a group nexthop: Forbid FDB status change while nexthop is in a group FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with whi

CVE-2025-39977 [HIGH] futex: Prevent use-after-free during requeue-PI futex: Prevent use-after-free during requeue-PI FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. M