Msrc Azure Linux 3.0 Arm vulnerabilities

CVE-2024-47731 [MEDIUM] CWE-459 drivers/perf: Fix ali_drw_pmu driver interrupt status clearing drivers/perf: Fix ali_drw_pmu driver interrupt status clearing FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source librar

CVE-2024-21218 [MEDIUM] Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.39 and prior 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulne Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.39 and prior 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple pro

CVE-2024-21198 [MEDIUM] Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.39 and prior 8.4.2 and prior and 9.0.1 and prior. Easily exploitable Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.39 and prior 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multipl

CVE-2024-49850 [MEDIUM] CWE-476 bpf: correctly handle malformed BPF_CORE_TYPE_ID_LOCAL relos bpf: correctly handle malformed BPF_CORE_TYPE_ID_LOCAL relos FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries

CVE-2024-50039 [MEDIUM] CWE-476 net/sched: accept TCA_STAB only for root qdisc net/sched: accept TCA_STAB only for root qdisc FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is com

CVE-2024-47705 [MEDIUM] CWE-476 block: fix potential invalid pointer dereference in blk_add_partition block: fix potential invalid pointer dereference in blk_add_partition FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open

CVE-2024-21239 [MEDIUM] Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.39 and prior 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulne Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.39 and prior 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple pro

CVE-2024-47554 [MEDIUM] CWE-400 Apache Commons IO: Possible denial of service attack on untrusted input to XmlStreamReader Apache Commons IO: Possible denial of service attack on untrusted input to XmlStreamReader FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most r

CVE-2024-50048 [MEDIUM] CWE-476 fbcon: Fix a NULL pointer dereference issue in fbcon_putcs fbcon: Fix a NULL pointer dereference issue in fbcon_putcs FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with

CVE-2024-47671 [MEDIUM] USB: usbtmc: prevent kernel-usb-infoleak USB: usbtmc: prevent kernel-usb-infoleak FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is

CVE-2024-49863 [MEDIUM] CWE-476 vhost/scsi: null-ptr-dereference in vhost_scsi_get_req() vhost/scsi: null-ptr-dereference in vhost_scsi_get_req() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with whi

CVE-2024-49879 [MEDIUM] CWE-476 drm: omapdrm: Add missing check for alloc_ordered_workqueue drm: omapdrm: Add missing check for alloc_ordered_workqueue FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries wi

CVE-2024-47683 [MEDIUM] CWE-476 drm/amd/display: Skip Recompute DSC Params if no Stream on Link drm/amd/display: Skip Recompute DSC Params if no Stream on Link FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libr

CVE-2024-21201 [MEDIUM] Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.39 and prior 8.4.2 and prior and 9.0.1 and prior. Easily exploi Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.39 and prior 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via m

CVE-2024-47752 [MEDIUM] CWE-476 media: mediatek: vcodec: Fix H264 stateless decoder smatch warning media: mediatek: vcodec: Fix H264 stateless decoder smatch warning FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open sourc

CVE-2024-49965 [MEDIUM] CWE-667 ocfs2: remove unreasonable unlock in ocfs2_read_blocks ocfs2: remove unreasonable unlock in ocfs2_read_blocks FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which t

CVE-2024-49929 [MEDIUM] CWE-476 wifi: iwlwifi: mvm: avoid NULL pointer dereference wifi: iwlwifi: mvm: avoid NULL pointer dereference FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distr

CVE-2024-49901 [MEDIUM] CWE-476 drm/msm/adreno: Assign msm_gpu->pdev earlier to avoid nullptrs drm/msm/adreno: Assign msm_gpu->pdev earlier to avoid nullptrs FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source librar

CVE-2024-42934 [MEDIUM] CWE-862 OpenIPMI before 2.0.36 has an out-of-bounds array access (for authentication type) in the ipmi_sim simulator resulting in denial of service or (with very low probability) authentication bypass or code OpenIPMI before 2.0.36 has an out-of-bounds array access (for authentication type) in the ipmi_sim simulator resulting in denial of service or (with very low probability) authentication bypass or code execution. FAQ: Is Azure Linux the only Microsoft product that in

CVE-2024-47728 [MEDIUM] CWE-459 bpf: Zero former ARG_PTR_TO_{LONGINT} args in case of error bpf: Zero former ARG_PTR_TO_{LONGINT} args in case of error FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries wi