Msrc Azure Linux 3.0 Arm vulnerabilities

CVE-2024-44987 [HIGH] CWE-416 ipv6: prevent UAF in ip6_send_skb() ipv6: prevent UAF in ip6_send_skb() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is comm

CVE-2024-46853 [HIGH] CWE-787 spi: nxp-fspi: fix the KASAN report out-of-bounds bug spi: nxp-fspi: fix the KASAN report out-of-bounds bug FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the d

CVE-2024-46804 [HIGH] CWE-129 drm/amd/display: Add array index check for hdcp ddc access drm/amd/display: Add array index check for hdcp ddc access FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with w

CVE-2024-44985 [HIGH] CWE-416 ipv6: prevent possible UAF in ip6_xmit() ipv6: prevent possible UAF in ip6_xmit() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microso

CVE-2024-46798 [HIGH] CWE-416 ASoC: dapm: Fix UAF for snd_soc_pcm_runtime object ASoC: dapm: Fix UAF for snd_soc_pcm_runtime object FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro

CVE-2024-45506 [HIGH] HAProxy 2.9.x before 2.9.10 3.0.x before 3.0.4 and 3.1.x through 3.1-dev6 allows a remote denial of service for HTTP/2 zero-copy forwarding (h2_send loop) under a certain set of conditions as exploite HAProxy 2.9.x before 2.9.10 3.0.x before 3.0.4 and 3.1.x through 3.1-dev6 allows a remote denial of service for HTTP/2 zero-copy forwarding (h2_send loop) under a certain set of conditions as exploited in the wild in 2024. FAQ: Is Azure Linux the only Microsoft product that i

CVE-2024-46738 [HIGH] CWE-416 VMCI: Fix use-after-free when removing resource in vmci_resource_remove() VMCI: Fix use-after-free when removing resource in vmci_resource_remove() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of th

CVE-2024-46811 [HIGH] CWE-129 drm/amd/display: Fix index may exceed array range within fpu_update_bw_bounding_box drm/amd/display: Fix index may exceed array range within fpu_update_bw_bounding_box FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most s

CVE-2024-46759 [HIGH] CWE-191 hwmon: (adc128d818) Fix underflows seen when writing limit attributes hwmon: (adc128d818) Fix underflows seen when writing limit attributes FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open s

CVE-2024-46723 [HIGH] CWE-125 drm/amdgpu: fix ucode out-of-bounds read warning drm/amdgpu: fix ucode out-of-bounds read warning FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is c

CVE-2024-46673 [HIGH] CWE-415 scsi: aacraid: Fix double-free on probe failure scsi: aacraid: Fix double-free on probe failure FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is com

CVE-2024-46687 [HIGH] CWE-415 btrfs: fix a use-after-free when hitting errors inside btrfs_submit_chunk() btrfs: fix a use-after-free when hitting errors inside btrfs_submit_chunk() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions o

CVE-2024-46725 [HIGH] CWE-787 drm/amdgpu: Fix out-of-bounds write warning drm/amdgpu: Fix out-of-bounds write warning FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. M

CVE-2024-46800 [HIGH] CWE-416 sch/netem: fix use after free in netem_dequeue sch/netem: fix use after free in netem_dequeue FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is compo

CVE-2024-44986 [HIGH] CWE-416 ipv6: fix possible UAF in ip6_finish_output2() ipv6: fix possible UAF in ip6_finish_output2() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is compo

CVE-2024-44977 [HIGH] CWE-787 drm/amdgpu: Validate TA binary size drm/amdgpu: Validate TA binary size FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is comm

CVE-2024-46854 [HIGH] net: dpaa: Pad packets to ETH_ZLEN net: dpaa: Pad packets to ETH_ZLEN FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to t

CVE-2024-46744 [HIGH] CWE-59 Squashfs: sanity check symbolic link size Squashfs: sanity check symbolic link size FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Micros

CVE-2024-46750 [MEDIUM] CWE-667 PCI: Add missing bridge lock to pci_bus_lock() PCI: Add missing bridge lock to pci_bus_lock() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is com

CVE-2024-45022 [MEDIUM] CWE-787 mm/vmalloc: fix page mapping if vm_area_alloc_pages() with high order fallback to order 0 mm/vmalloc: fix page mapping if vm_area_alloc_pages() with high order fallback to order 0 FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most rec