Msrc Azure Linux 3.0 Arm vulnerabilities

CVE-2024-46814 [HIGH] CWE-129 drm/amd/display: Check msg_id before processing transcation drm/amd/display: Check msg_id before processing transcation FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with

CVE-2024-40898 [HIGH] CVE-2024-40898: NIST NVD Details: https://nvd NIST NVD Details: https://nvd.nist.gov/vuln/detail/CVE-2024-40898 Mariner: Mariner [email protected]: [email protected] Customer Action Required: Yes Exploit Status: DOS:N/A Remediation: httpd

CVE-2024-46746 [HIGH] CWE-416 HID: amd_sfh: free driver_data after destroying hid device HID: amd_sfh: free driver_data after destroying hid device FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with w

CVE-2024-46747 [HIGH] CWE-125 HID: cougar: fix slab-out-of-bounds Read in cougar_report_fixup HID: cougar: fix slab-out-of-bounds Read in cougar_report_fixup FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source librar

CVE-2024-46722 [HIGH] CWE-125 drm/amdgpu: fix mc_data out-of-bounds read warning drm/amdgpu: fix mc_data out-of-bounds read warning FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro

CVE-2024-6232 [HIGH] CWE-1333 Regular-expression DoS when parsing TarFile headers Regular-expression DoS when parsing TarFile headers FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distr

CVE-2024-46782 [HIGH] CWE-416 ila: call nf_unregister_net_hooks() sooner ila: call nf_unregister_net_hooks() sooner FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Mic

CVE-2024-46743 [HIGH] CWE-125 of/irq: Prevent device address out-of-bounds read in interrupt map walk of/irq: Prevent device address out-of-bounds read in interrupt map walk FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the op

CVE-2024-46831 [HIGH] CWE-416 net: microchip: vcap: Fix use-after-free error in kunit test net: microchip: vcap: Fix use-after-free error in kunit test FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries wi

CVE-2024-44997 [HIGH] CWE-416 net: ethernet: mtk_wed: fix use-after-free panic in mtk_wed_setup_tc_block_cb() net: ethernet: mtk_wed: fix use-after-free panic in mtk_wed_setup_tc_block_cb() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure ve

CVE-2024-46731 [HIGH] CWE-125 drm/amd/pm: fix the Out-of-bounds read warning drm/amd/pm: fix the Out-of-bounds read warning FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is compo

CVE-2024-46852 [HIGH] CWE-193 dma-buf: heaps: Fix off-by-one in CMA heap fault handler dma-buf: heaps: Fix off-by-one in CMA heap fault handler FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which

CVE-2024-46858 [HIGH] CWE-416 mptcp: pm: Fix uaf in __timer_delete_sync mptcp: pm: Fix uaf in __timer_delete_sync FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Micro

CVE-2024-44974 [HIGH] CWE-416 mptcp: pm: avoid possible UaF when selecting endp mptcp: pm: avoid possible UaF when selecting endp FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is

CVE-2021-42248 [HIGH] CVE-2021-42248: NIST NVD Details: https://nvd NIST NVD Details: https://nvd.nist.gov/vuln/detail/CVE-2021-42248 Mariner: Mariner [email protected]: [email protected] Customer Action Required: Yes Exploit Status: DOS:N/A Remediation: keda

CVE-2024-46821 [HIGH] CWE-129 drm/amd/pm: Fix negative array index read drm/amd/pm: Fix negative array index read FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Micro

CVE-2024-20505 [MEDIUM] CWE-125 ClamAV Memory Handling DoS ClamAV Memory Handling DoS FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transpa

CVE-2024-46741 [HIGH] CWE-415 misc: fastrpc: Fix double free of 'buf' in error path misc: fastrpc: Fix double free of 'buf' in error path FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the d

CVE-2024-46844 [HIGH] CWE-824 um: line: always fill *error_out in setup_one_line() um: line: always fill *error_out in setup_one_line() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the dis

CVE-2024-46740 [HIGH] CWE-416 binder: fix UAF caused by offsets overwrite binder: fix UAF caused by offsets overwrite FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. M