Msrc Azl3 Qemu 8.2.0-23 On Azure Linux 3.0 vulnerabilities

6 known vulnerabilities affecting msrc/azl3_qemu_8.2.0-23_on_azure_linux_3.0.

Total CVEs
6
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM3LOW1

Vulnerabilities

Page 1 of 1
CVE-2025-2486HIGHCVSS 8.82025-11-11
CVE-2025-2486 [LOW] CWE-489 UEFI Shell accessible in AAVMF with Secure Boot enabled on Ubuntu UEFI Shell accessible in AAVMF with Secure Boot enabled on Ubuntu Mariner: Mariner canonical: canonical Customer Action Required: Yes
msrc
CVE-2025-11234HIGHCVSS 7.52025-10-14
CVE-2025-11234 [HIGH] CWE-416 Qemu-kvm: vnc websocket handshake use-after-free Qemu-kvm: vnc websocket handshake use-after-free FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is c
msrc
CVE-2025-12464MEDIUMCVSS 6.22025-10-14
CVE-2025-12464 [MEDIUM] CWE-121 Qemu-kvm: stack buffer overflow in e1000 device via short frames in loopback mode Qemu-kvm: stack buffer overflow in e1000 device via short frames in loopback mode FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most sec
msrc
CVE-2025-9232MEDIUMCVSS 5.92025-09-09
CVE-2025-9232 [MEDIUM] CWE-125 Out-of-bounds read in HTTP client no_proxy handling Out-of-bounds read in HTTP client no_proxy handling FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the dist
msrc
CVE-2024-8354MEDIUMCVSS 5.52024-09-10
CVE-2024-8354 [MEDIUM] CWE-617 Qemu-kvm: usb: assertion failure in usb_ep_get() Qemu-kvm: usb: assertion failure in usb_ep_get() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is
msrc
CVE-2024-8612LOWCVSS 3.82024-09-10
CVE-2024-8612 [LOW] CWE-200 Qemu-kvm: information leak in virtio devices Qemu-kvm: information leak in virtio devices FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. M
msrc