Msrc Azure Linux 3.0 Arm vulnerabilities

CVE-2024-27005 [MEDIUM] interconnect: Don't access req_list while it's being manipulated interconnect: Don't access req_list while it's being manipulated FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries

CVE-2022-48669 [MEDIUM] powerpc/pseries: Fix potential memleak in papr_get_attr() powerpc/pseries: Fix potential memleak in papr_get_attr() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the

CVE-2024-27066 [MEDIUM] CWE-401 virtio: packed: fix unmap leak for indirect desc table virtio: packed: fix unmap leak for indirect desc table FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which t

CVE-2024-26940 [MEDIUM] drm/vmwgfx: Create debugfs ttm_resource_manager entry only if needed drm/vmwgfx: Create debugfs ttm_resource_manager entry only if needed FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source li

CVE-2024-26969 [MEDIUM] CWE-129 clk: qcom: gcc-ipq8074: fix terminating of frequency table arrays clk: qcom: gcc-ipq8074: fix terminating of frequency table arrays FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source

CVE-2024-27393 [MEDIUM] xen-netfront: Add missing skb_mark_for_recycle xen-netfront: Add missing skb_mark_for_recycle FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. M

CVE-2024-26990 [MEDIUM] KVM: x86/mmu: Write-protect L2 SPTEs in TDP MMU when clearing dirty status KVM: x86/mmu: Write-protect L2 SPTEs in TDP MMU when clearing dirty status FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the op

CVE-2024-27002 [MEDIUM] CWE-667 clk: mediatek: Do a runtime PM get on controllers during probe clk: mediatek: Do a runtime PM get on controllers during probe FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source librar

CVE-2024-35857 [MEDIUM] CWE-476 icmp: prevent possible NULL dereferences from icmp_build_probe() icmp: prevent possible NULL dereferences from icmp_build_probe() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source li

CVE-2024-35823 [MEDIUM] CWE-120 vt: fix unicode buffer corruption when deleting characters vt: fix unicode buffer corruption when deleting characters FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with

CVE-2024-34250 [MEDIUM] CWE-122 A heap buffer overflow vulnerability was discovered in Bytecode Alliance wasm-micro-runtime v2.0.0 which allows a remote attacker to cause at least a denial of service via the "wasm_loader_check_br" f A heap buffer overflow vulnerability was discovered in Bytecode Alliance wasm-micro-runtime v2.0.0 which allows a remote attacker to cause at least a denial of service via the "wasm_loader_check_br" function in core/iwasm/interpreter/wasm_loader.c. FAQ: Is Azure Lin

CVE-2024-26965 [HIGH] clk: qcom: mmcc-msm8974: fix terminating of frequency table arrays clk: qcom: mmcc-msm8974: fix terminating of frequency table arrays FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source librarie

CVE-2023-52661 [MEDIUM] drm/tegra: rgb: Fix missing clk_put() in the error handling paths of tegra_dc_rgb_probe() drm/tegra: rgb: Fix missing clk_put() in the error handling paths of tegra_dc_rgb_probe() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and

CVE-2024-32020 [LOW] CWE-281 Cloning local Git repository by untrusted user allows the untrusted user to modify objects in the cloned repository at will Cloning local Git repository by untrusted user allows the untrusted user to modify objects in the cloned repository at will FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux

CVE-2024-32021 [LOW] CWE-547 Local Git clone may hardlink arbitrary user-readable files into the new repository's "objects/" directory Local Git clone may hardlink arbitrary user-readable files into the new repository's "objects/" directory FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it

CVE-2024-26935 [MEDIUM] scsi: core: Fix unremoved procfs host directory regression scsi: core: Fix unremoved procfs host directory regression FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which t

CVE-2024-27004 [MEDIUM] clk: Get runtime PM before walking tree during disable_unused clk: Get runtime PM before walking tree during disable_unused FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with w

CVE-2023-52652 [MEDIUM] NTB: fix possible name leak in ntb_register_device() NTB: fix possible name leak in ntb_register_device() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is

CVE-2024-1874 [CRITICAL] CWE-116 Command injection via array-ish $command parameter of proc_open() Command injection via array-ish $command parameter of proc_open() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source

CVE-2024-26882 [HIGH] net: ip_tunnel: make sure to pull inner header in ip_tunnel_rcv() net: ip_tunnel: make sure to pull inner header in ip_tunnel_rcv() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries