Msrc Azl3 Qemu 8.2.0-14 On Azure Linux 3.0 vulnerabilities

CVE-2024-7730 [HIGH] CWE-122 Qemu-kvm: virtio-snd: heap buffer overflow in virtio_snd_pcm_in_cb() Qemu-kvm: virtio-snd: heap buffer overflow in virtio_snd_pcm_in_cb() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open sour

CVE-2024-3447 [MEDIUM] CWE-122 Qemu: sdhci: heap buffer overflow in sdhci_write_dataport() Qemu: sdhci: heap buffer overflow in sdhci_write_dataport() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries wit

CVE-2024-4467 [HIGH] CWE-400 Qemu-kvm: 'qemu-img info' leads to host file read/write Qemu-kvm: 'qemu-img info' leads to host file read/write FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which th

CVE-2024-6505 [MEDIUM] CWE-125 Qemu-kvm: virtio-net: queue index out-of-bounds access in software rss Qemu-kvm: virtio-net: queue index out-of-bounds access in software rss FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the ope

CVE-2024-4693 [MEDIUM] CWE-672 Qemu-kvm: virtio-pci: improper release of configure vector leads to guest triggerable crash Qemu-kvm: virtio-pci: improper release of configure vector leads to guest triggerable crash FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most

CVE-2024-3567 [MEDIUM] CWE-617 Qemu-kvm: net: assertion failure in update_sctp_checksum() Qemu-kvm: net: assertion failure in update_sctp_checksum() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with