Msrc Azure Linux 3.0 Arm vulnerabilities

CVE-2024-47744 [MEDIUM] CWE-667 KVM: Use dedicated mutex to protect kvm_usage_count to avoid deadlock KVM: Use dedicated mutex to protect kvm_usage_count to avoid deadlock FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open

CVE-2024-49961 [MEDIUM] media: i2c: ar0521: Use cansleep version of gpiod_set_value() media: i2c: ar0521: Use cansleep version of gpiod_set_value() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with w

CVE-2024-49856 [MEDIUM] CWE-835 x86/sgx: Fix deadlock in SGX NUMA node search x86/sgx: Fix deadlock in SGX NUMA node search FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is compo

CVE-2024-31228 [MEDIUM] CWE-674 Denial-of-service due to unbounded pattern matching in Redis Denial-of-service due to unbounded pattern matching in Redis FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries

CVE-2024-8508 [MEDIUM] CWE-1284 Unbounded name compression could lead to Denial of Service Unbounded name compression could lead to Denial of Service FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with

CVE-2024-50024 [MEDIUM] net: Fix an unsafe loop on the list net: Fix an unsafe loop on the list FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed

CVE-2024-50019 [MEDIUM] kthread: unpark only parked kthread kthread: unpark only parked kthread FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed

CVE-2024-49976 [MEDIUM] CWE-667 tracing/timerlat: Drop interface_lock in stop_kthread() tracing/timerlat: Drop interface_lock in stop_kthread() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which

CVE-2024-49851 [MEDIUM] CWE-459 tpm: Clean up TPM space after command failure tpm: Clean up TPM space after command failure FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is compo

CVE-2024-50049 [MEDIUM] CWE-476 drm/amd/display: Check null pointer before dereferencing se drm/amd/display: Check null pointer before dereferencing se FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries wi

CVE-2024-50008 [MEDIUM] wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_cmd_802_11_scan_ext() wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_cmd_802_11_scan_ext() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and

CVE-2024-47690 [MEDIUM] f2fs: get rid of online repaire on corrupted directory f2fs: get rid of online repaire on corrupted directory FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distr

CVE-2024-49963 [MEDIUM] mailbox: bcm2835: Fix timeout during suspend mode mailbox: bcm2835: Fix timeout during suspend mode FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is compo

CVE-2024-49881 [MEDIUM] CWE-476 ext4: update orig_path in ext4_find_extent() ext4: update orig_path in ext4_find_extent() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is compose

CVE-2024-49907 [MEDIUM] CWE-476 drm/amd/display: Check null pointers before using dc->clk_mgr drm/amd/display: Check null pointers before using dc->clk_mgr FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source librarie

CVE-2024-49875 [MEDIUM] CWE-354 nfsd: map the EBADMSG to nfserr_io to avoid warning nfsd: map the EBADMSG to nfserr_io to avoid warning FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the dis

CVE-2024-49985 [MEDIUM] CWE-667 i2c: stm32f7: Do not prepare/unprepare clock during runtime suspend/resume i2c: stm32f7: Do not prepare/unprepare clock during runtime suspend/resume FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions o

CVE-2024-21207 [MEDIUM] Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.38 and prior 8.4.1 and prior and 9.0.1 and prior. Easily exploitable vulne Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.38 and prior 8.4.1 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple pro

CVE-2024-49988 [MEDIUM] CWE-416 ksmbd: add refcnt to ksmbd_conn struct ksmbd: add refcnt to ksmbd_conn struct FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft

CVE-2024-47688 [MEDIUM] CWE-476 driver core: Fix a potential null-ptr-deref in module_add_driver() driver core: Fix a potential null-ptr-deref in module_add_driver() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open sourc