Msrc Azure Linux 3.0 Arm vulnerabilities

1,294 known vulnerabilities affecting msrc/azure_linux_3.0_arm.

Total CVEs

1,294

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL72HIGH496MEDIUM697LOW28UNKNOWN1

Vulnerabilities

Page 30 of 65

CVE-2024-40997MEDIUMCVSS 5.52024-07-09

CVE-2024-40997 [MEDIUM] CWE-401 cpufreq: amd-pstate: fix memory leak on CPU EPP exit cpufreq: amd-pstate: fix memory leak on CPU EPP exit FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the d

msrc

CVE-2024-42224MEDIUMCVSS 6.12024-07-09

CVE-2024-42224 [MEDIUM] CWE-754 net: dsa: mv88e6xxx: Correct check for empty list net: dsa: mv88e6xxx: Correct check for empty list FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro

msrc

CVE-2024-40995MEDIUMCVSS 5.52024-07-09

CVE-2024-40995 [MEDIUM] CWE-835 net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc() net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the

msrc

CVE-2024-36387MEDIUMCVSS 5.42024-07-09

CVE-2024-36387 [MEDIUM] CWE-476 Apache HTTP Server: DoS by Null pointer in websocket over HTTP/2 Apache HTTP Server: DoS by Null pointer in websocket over HTTP/2 FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source li

msrc

CVE-2024-39331CRITICALCVSS 9.82024-06-11

CVE-2024-39331 [CRITICAL] CWE-94 In Emacs before 29.4 org-link-expand-abbrev in lisp/ol.el expands a %(...) link abbrev even when it specifies an unsafe function such as shell-command-to-string. This affects Org Mode before 9.7.5. In Emacs before 29.4 org-link-expand-abbrev in lisp/ol.el expands a %(...) link abbrev even when it specifies an unsafe function such as shell-command-to-string. This affects Org Mode before 9.7.5. FAQ: Is Azure Linux the only Microsoft product that includes this open

msrc

CVE-2008-3908CRITICALCVSS 10.02024-06-11

CVE-2008-3908 [CRITICAL] CVE-2008-3908: NIST NVD Details: https://nvd NIST NVD Details: https://nvd.nist.gov/vuln/detail/CVE-2008-3908 Mariner: Mariner [email protected]: [email protected] Customer Action Required: Yes Remediation: wordnet Reference: https://nvd.nist.gov/vuln/detail/CVE-2008-3908

msrc

CVE-2024-37371CRITICALCVSS 9.12024-06-11

CVE-2024-37371 [CRITICAL] In MIT Kerberos 5 (aka krb5) before 1.21.3 an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields. In MIT Kerberos 5 (aka krb5) before 1.21.3 an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected b

msrc

CVE-2024-37407CRITICALCVSS 9.12024-06-11

CVE-2024-37407 [CRITICAL] CWE-125 Libarchive before 3.7.4 allows name out-of-bounds access when a ZIP archive has an empty-name file and mac-ext is enabled. This occurs in slurp_central_directory in archive_read_support_format_zip.c. Libarchive before 3.7.4 allows name out-of-bounds access when a ZIP archive has an empty-name file and mac-ext is enabled. This occurs in slurp_central_directory in archive_read_support_format_zip.c. FAQ: Is Azure Linux the only Microsoft product that includes this

msrc

CVE-2014-0069HIGHCVSS 7.22024-06-11

CVE-2014-0069 [HIGH] CVE-2014-0069: NIST NVD Details: https://nvd NIST NVD Details: https://nvd.nist.gov/vuln/detail/CVE-2014-0069 Mariner: Mariner [email protected]: [email protected] Customer Action Required: Yes Remediation: kernel Reference: https://nvd.nist.gov/vuln/detail/CVE-2014-0069

msrc

CVE-2024-36477HIGHCVSS 7.82024-06-11

CVE-2024-36477 [HIGH] CWE-125 tpm_tis_spi: Account for SPI header when allocating TPM SPI xfer buffer tpm_tis_spi: Account for SPI header when allocating TPM SPI xfer buffer FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the op

msrc

CVE-2024-33655HIGHCVSS 7.52024-06-11

CVE-2024-33655 [HIGH] CWE-400 The DNS protocol in RFC 1035 and updates allows remote attackers to cause a denial of service (resource consumption) by arranging for DNS queries to be accumulated for seconds such that responses are The DNS protocol in RFC 1035 and updates allows remote attackers to cause a denial of service (resource consumption) by arranging for DNS queries to be accumulated for seconds such that responses are later sent in a pulsing burst (which can be considered traffic amplif

msrc

CVE-2024-38664HIGHCVSS 7.82024-06-11

CVE-2024-38664 [HIGH] CWE-667 drm: zynqmp_dpsub: Always register bridge drm: zynqmp_dpsub: Always register bridge FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Micro

msrc

CVE-2004-2771HIGHCVSS 7.52024-06-11

CVE-2004-2771 [HIGH] CVE-2004-2771: NIST NVD Details: https://nvd NIST NVD Details: https://nvd.nist.gov/vuln/detail/CVE-2004-2771 Mariner: Mariner [email protected]: [email protected] Customer Action Required: Yes Remediation: mailx Reference: https://nvd.nist.gov/vuln/detail/CVE-2004-2771

msrc

CVE-2010-2891HIGHCVSS 7.5PoC2024-06-11

CVE-2010-2891 [HIGH] CVE-2010-2891: NIST NVD Details: https://nvd NIST NVD Details: https://nvd.nist.gov/vuln/detail/CVE-2010-2891 Mariner: Mariner [email protected]: [email protected] Customer Action Required: Yes Remediation: libsmi Reference: https://nvd.nist.gov/vuln/detail/CVE-2010-2891

msrc

CVE-2015-5157HIGHCVSS 7.22024-06-11

CVE-2015-5157 [HIGH] CVE-2015-5157: NIST NVD Details: https://nvd NIST NVD Details: https://nvd.nist.gov/vuln/detail/CVE-2015-5157 Mariner: Mariner [email protected]: [email protected] Customer Action Required: Yes Remediation: kernel Reference: https://nvd.nist.gov/vuln/detail/CVE-2015-5157

msrc

CVE-2013-4342HIGHCVSS 7.62024-06-11

CVE-2013-4342 [HIGH] CVE-2013-4342: NIST NVD Details: https://nvd NIST NVD Details: https://nvd.nist.gov/vuln/detail/CVE-2013-4342 Mariner: Mariner [email protected]: [email protected] Customer Action Required: Yes Remediation: xinetd Reference: https://nvd.nist.gov/vuln/detail/CVE-2013-4342

msrc

CVE-2024-38570HIGHCVSS 7.82024-06-11

CVE-2024-38570 [HIGH] CWE-416 gfs2: Fix potential glock use-after-free on unmount gfs2: Fix potential glock use-after-free on unmount FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distr

msrc

CVE-2024-5187HIGHCVSS 8.82024-06-11

CVE-2024-5187 [HIGH] CWE-22 Arbitrary File Overwrite in download_model_with_test_data in onnx/onnx Arbitrary File Overwrite in download_model_with_test_data in onnx/onnx FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open s

msrc

CVE-2024-39291HIGHCVSS 7.82024-06-11

CVE-2024-39291 [HIGH] CWE-120 drm/amdgpu: Fix buffer size in gfx_v9_4_3_init_ cp_compute_microcode() and rlc_microcode() drm/amdgpu: Fix buffer size in gfx_v9_4_3_init_ cp_compute_microcode() and rlc_microcode() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most rec

msrc

CVE-2014-3618HIGHCVSS 7.52024-06-11

CVE-2014-3618 [HIGH] CVE-2014-3618: NIST NVD Details: https://nvd NIST NVD Details: https://nvd.nist.gov/vuln/detail/CVE-2014-3618 Mariner: Mariner [email protected]: [email protected] Customer Action Required: Yes Remediation: procmail Reference: https://nvd.nist.gov/vuln/detail/CVE-2014-3618

msrc

← Previous30 / 65Next →