Msrc Azure Linux 3.0 Arm vulnerabilities

CVE-2022-1292 [HIGH] CWE-78 The c_rehash script allows command injection The c_rehash script allows command injection FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. M

CVE-2021-3750 [HIGH] CWE-416 A DMA reentrancy issue was found in the USB EHCI controller emulation of QEMU. EHCI does not verify if the Buffer Pointer overlaps with its MMIO region when it transfers the USB packets. Crafted conte A DMA reentrancy issue was found in the USB EHCI controller emulation of QEMU. EHCI does not verify if the Buffer Pointer overlaps with its MMIO region when it transfers the USB packets. Crafted content may be written to the controller's registers and trigger undesirabl

CVE-2021-3611 [MEDIUM] CWE-119 A stack overflow vulnerability was found in the Intel HD Audio device (intel-hda) of QEMU. A malicious guest could use this flaw to crash the QEMU process on the host resulting in a denial of service A stack overflow vulnerability was found in the Intel HD Audio device (intel-hda) of QEMU. A malicious guest could use this flaw to crash the QEMU process on the host resulting in a denial of service condition. The highest threat from this vulnerability is to system a

CVE-2021-4206 [HIGH] CWE-190 A flaw was found in the QXL display device emulation in QEMU. An integer overflow in the cursor_alloc() function can lead to the allocation of a small cursor object followed by a subsequent heap-based A flaw was found in the QXL display device emulation in QEMU. An integer overflow in the cursor_alloc() function can lead to the allocation of a small cursor object followed by a subsequent heap-based buffer overflow. This flaw allows a malicious privileged guest user t

CVE-2021-4207 [HIGH] CWE-362 A flaw was found in the QXL display device emulation in QEMU. A double fetch of guest controlled values `cursor->header.width` and `cursor->header.height` can lead to the allocation of a small cursor A flaw was found in the QXL display device emulation in QEMU. A double fetch of guest controlled values `cursor->header.width` and `cursor->header.height` can lead to the allocation of a small cursor object followed by a subsequent heap-based buffer overflow. A maliciou

CVE-2022-24795 [MEDIUM] CWE-122 Buffer Overflow and Integer Overflow in yajl-ruby Buffer Overflow and Integer Overflow in yajl-ruby FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro

CVE-2022-28506 [MEDIUM] CWE-787 There is a heap-buffer-overflow in GIFLIB 5.2.1 function DumpScreen2RGB() in gif2rgb.c:298:45. There is a heap-buffer-overflow in GIFLIB 5.2.1 function DumpScreen2RGB() in gif2rgb.c:298:45. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with th

CVE-2022-26353 [HIGH] CWE-772 A flaw was found in the virtio-net device of QEMU. This flaw was inadvertently introduced with the fix for CVE-2021-3748 which forgot to unmap the cached virtqueue elements on error leading to memory A flaw was found in the virtio-net device of QEMU. This flaw was inadvertently introduced with the fix for CVE-2021-3748 which forgot to unmap the cached virtqueue elements on error leading to memory leakage and other unexpected results. Affected QEMU version: 6.2.0.

CVE-2022-24921 [HIGH] CWE-674 regexp.Compile in Go before 1.16.15 and 1.17.x before 1.17.8 allows stack exhaustion via a deeply nested expression. regexp.Compile in Go before 1.16.15 and 1.17.x before 1.17.8 allows stack exhaustion via a deeply nested expression. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is th

CVE-2021-3738 [HIGH] CWE-416 In DCE/RPC it is possible to share the handles (cookies for resource state) between multiple connections via a mechanism called 'association groups'. These handles can reference connections to our sam In DCE/RPC it is possible to share the handles (cookies for resource state) between multiple connections via a mechanism called 'association groups'. These handles can reference connections to our sam.ldb database. However while the database was correctly shared the use

CVE-2022-0778 [HIGH] CWE-835 Infinite loop in BN_mod_sqrt() reachable when parsing certificates Infinite loop in BN_mod_sqrt() reachable when parsing certificates FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source l

CVE-2022-24713 [HIGH] CWE-1333 Regular expression denial of service in Rust's regex crate Regular expression denial of service in Rust's regex crate FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with

CVE-2018-25032 [HIGH] CWE-787 zlib before 1.2.12 allows memory corruption when deflating (i.e. when compressing) if the input has many distant matches. zlib before 1.2.12 allows memory corruption when deflating (i.e. when compressing) if the input has many distant matches. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux di

CVE-2021-23192 [HIGH] CWE-20 A flaw was found in the way samba implemented DCE/RPC. If a client to a Samba server sent a very large DCE/RPC request and chose to fragment it an attacker could replace later fragments with their own A flaw was found in the way samba implemented DCE/RPC. If a client to a Samba server sent a very large DCE/RPC request and chose to fragment it an attacker could replace later fragments with their own data bypassing the signature requirements. FAQ: Is Azure Linux the o

CVE-2022-26354 [LOW] CWE-772 A flaw was found in the vhost-vsock device of QEMU. In case of error an invalid element was not detached from the virtqueue before freeing its memory leading to memory leakage and other unexpected res A flaw was found in the vhost-vsock device of QEMU. In case of error an invalid element was not detached from the virtqueue before freeing its memory leading to memory leakage and other unexpected results. Affected QEMU versions Is Azure Linux the only Microsoft product

CVE-2022-23806 [CRITICAL] CWE-252 Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true in situations with a big.Int value that is not a valid field element. Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true in situations with a big.Int value that is not a valid field element. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore pote

CVE-2020-25717 [HIGH] CWE-20 A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation. A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main

CVE-2020-25719 [HIGH] CWE-362 A flaw was found in the way Samba as an Active Directory Domain Controller implemented Kerberos name-based authentication. The Samba AD DC could become confused about the user a ticket represents if i A flaw was found in the way Samba as an Active Directory Domain Controller implemented Kerberos name-based authentication. The Samba AD DC could become confused about the user a ticket represents if it did not strictly require a Kerberos PAC and always use the SIDs fou

CVE-2022-23772 [HIGH] CWE-190 Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption. Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who

CVE-2022-23773 [HIGH] CWE-436 cmd/go in Go before 1.16.14 and 1.17.x before 1.17.7 can misinterpret branch names that falsely appear to be version tags. This can lead to incorrect access control if an actor is supposed to be able cmd/go in Go before 1.16.14 and 1.17.x before 1.17.7 can misinterpret branch names that falsely appear to be version tags. This can lead to incorrect access control if an actor is supposed to be able to create branches but not tags. FAQ: Is Azure Linux the only Micros