Msrc Azure Linux 3.0 Arm vulnerabilities

CVE-2024-36620 [MEDIUM] CWE-476 moby v25.0.0 - v26.0.2 is vulnerable to NULL Pointer Dereference via daemon/images/image_history.go. moby v25.0.0 - v26.0.2 is vulnerable to NULL Pointer Dereference via daemon/images/image_history.go. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to

CVE-2024-52337 [MEDIUM] CWE-20 Tuned: improper sanitization of `instance_name` parameter of the `instance_create()` method Tuned: improper sanitization of `instance_name` parameter of the `instance_create()` method FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most

CVE-2024-50093 [MEDIUM] thermal: intel: int340x: processor: Fix warning during module unload thermal: intel: int340x: processor: Fix warning during module unload FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source li

CVE-2024-0134 [MEDIUM] CWE-61 NVIDIA Container Toolkit and NVIDIA GPU Operator for Linux contain a UNIX vulnerability where a specially crafted container image can lead to the creation of unauthorized files on the host. NVIDIA Container Toolkit and NVIDIA GPU Operator for Linux contain a UNIX vulnerability where a specially crafted container image can lead to the creation of unauthorized files on the host. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and

CVE-2024-8929 [MEDIUM] CWE-200 Leak partial content of the heap through heap buffer over-read in mysqlnd Leak partial content of the heap through heap buffer over-read in mysqlnd FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of t

CVE-2024-47685 [CRITICAL] CWE-908 netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put() netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with

CVE-2024-49950 [HIGH] CWE-416 Bluetooth: L2CAP: Fix uaf in l2cap_connect Bluetooth: L2CAP: Fix uaf in l2cap_connect FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Mic

CVE-2024-47686 [HIGH] CWE-193 ep93xx: clock: Fix off by one in ep93xx_div_recalc_rate() ep93xx: clock: Fix off by one in ep93xx_div_recalc_rate() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with whi

CVE-2024-50035 [HIGH] CWE-908 ppp: fix ppp_async_encode() illegal access ppp: fix ppp_async_encode() illegal access FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Mic

CVE-2024-47697 [HIGH] CWE-787 drivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error drivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the op

CVE-2024-50007 [HIGH] CWE-129 ALSA: asihpi: Fix potential OOB array access ALSA: asihpi: Fix potential OOB array access FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed.

CVE-2024-47750 [HIGH] CWE-416 RDMA/hns: Fix Use-After-Free of rsv_qp on HIP08 RDMA/hns: Fix Use-After-Free of rsv_qp on HIP08 FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is com

CVE-2024-49889 [HIGH] CWE-416 ext4: avoid use-after-free in ext4_ext_show_leaf() ext4: avoid use-after-free in ext4_ext_show_leaf() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro

CVE-2024-50059 [HIGH] CWE-416 ntb: ntb_hw_switchtec: Fix use after free vulnerability in switchtec_ntb_remove due to race condition ntb: ntb_hw_switchtec: Fix use after free vulnerability in switchtec_ntb_remove due to race condition FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to

CVE-2024-49969 [HIGH] CWE-129 drm/amd/display: Fix index out of bounds in DCN30 color transformation drm/amd/display: Fix index out of bounds in DCN30 color transformation FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open

CVE-2024-47719 [HIGH] CWE-787 iommufd: Protect against overflow of ALIGN() during iova allocation iommufd: Protect against overflow of ALIGN() during iova allocation FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open sourc

CVE-2024-49862 [HIGH] CWE-193 powercap: intel_rapl: Fix off by one in get_rpi() powercap: intel_rapl: Fix off by one in get_rpi() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is

CVE-2024-50029 [HIGH] CWE-416 Bluetooth: hci_conn: Fix UAF in hci_enhanced_setup_sync Bluetooth: hci_conn: Fix UAF in hci_enhanced_setup_sync FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which t

CVE-2024-50033 [HIGH] CWE-908 slip: make slhc_remember() more robust against malicious packets slip: make slhc_remember() more robust against malicious packets FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libr

CVE-2024-47682 [HIGH] CWE-193 scsi: sd: Fix off-by-one error in sd_read_block_characteristics() scsi: sd: Fix off-by-one error in sd_read_block_characteristics() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source li