Msrc Azure Linux 3.0 Arm vulnerabilities

CVE-2024-43168 [MEDIUM] CWE-122 Unbound: heap-buffer-overflow in unbound Unbound: heap-buffer-overflow in unbound FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Micro

CVE-2024-8006 [MEDIUM] CWE-476 NULL pointer dereference in libpcap before 1.10.5 with remote packet capture support NULL pointer dereference in libpcap before 1.10.5 with remote packet capture support FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and mos

CVE-2024-42270 [MEDIUM] CWE-476 netfilter: iptables: Fix null-ptr-deref in iptable_nat_table_init(). netfilter: iptables: Fix null-ptr-deref in iptable_nat_table_init(). FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open s

CVE-2023-7256 [MEDIUM] CWE-415 Double-free in libpcap before 1.10.5 with remote packet capture support. Double-free in libpcap before 1.10.5 with remote packet capture support. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the

CVE-2024-42294 [MEDIUM] CWE-667 block: fix deadlock between sd_remove & sd_release block: fix deadlock between sd_remove & sd_release FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distr

CVE-2024-5814 [MEDIUM] CWE-284 Unverifed Ciphersuite used on a client-side TLS1.3 Downgrade Unverifed Ciphersuite used on a client-side TLS1.3 Downgrade FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries w

CVE-2024-41957 [MEDIUM] CWE-415 Vim double free in src/alloc.c:616 Vim double free in src/alloc.c:616 FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is comm

CVE-2024-43837 [MEDIUM] CWE-476 bpf: Fix null pointer dereference in resolve_prog_type() for BPF_PROG_TYPE_EXT bpf: Fix null pointer dereference in resolve_prog_type() for BPF_PROG_TYPE_EXT FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure ve

CVE-2024-43788 [MEDIUM] CWE-79 DOM Clobbering Gadget found in Webpack's AutoPublicPathRuntimeModule that leads to Cross-site Scripting (XSS) DOM Clobbering Gadget found in Webpack's AutoPublicPathRuntimeModule that leads to Cross-site Scripting (XSS) FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment

CVE-2024-42269 [MEDIUM] CWE-476 netfilter: iptables: Fix potential null-ptr-deref in ip6table_nat_table_init(). netfilter: iptables: Fix potential null-ptr-deref in ip6table_nat_table_init(). FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure

CVE-2024-43853 [MEDIUM] CWE-416 cgroup/cpuset: Prevent UAF in proc_cpuset_show() cgroup/cpuset: Prevent UAF in proc_cpuset_show() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is

CVE-2024-42316 [MEDIUM] CWE-369 mm/mglru: fix div-by-zero in vmpressure_calc_level() mm/mglru: fix div-by-zero in vmpressure_calc_level() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the d

CVE-2024-5288 [MEDIUM] CWE-922 Safe-error attack on TLS 1.3 Protocol Safe-error attack on TLS 1.3 Protocol FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is

CVE-2024-43860 [MEDIUM] CWE-476 remoteproc: imx_rproc: Skip over memory region when node value is NULL remoteproc: imx_rproc: Skip over memory region when node value is NULL FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the op

CVE-2024-43891 [MEDIUM] CWE-416 tracing: Have format file honor EVENT_FILE_FL_FREED tracing: Have format file honor EVENT_FILE_FL_FREED FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the dis

CVE-2024-42309 [MEDIUM] CWE-476 drm/gma500: fix null pointer dereference in psb_intel_lvds_get_modes drm/gma500: fix null pointer dereference in psb_intel_lvds_get_modes FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open s

CVE-2024-1544 [MEDIUM] CWE-203 ECDSA nonce bias caused by truncation ECDSA nonce bias caused by truncation FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is

CVE-2024-43828 [MEDIUM] CWE-835 ext4: fix infinite loop when replaying fast_commit ext4: fix infinite loop when replaying fast_commit FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distr

CVE-2024-43398 [MEDIUM] CWE-776 REXML denial of service vulnerability REXML denial of service vulnerability FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft i

CVE-2024-42246 [MEDIUM] CWE-835 net sunrpc: Remap EPERM in case of connection failure in xs_tcp_setup_socket net sunrpc: Remap EPERM in case of connection failure in xs_tcp_setup_socket FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versio