Msrc Azure Linux 3.0 Arm vulnerabilities

CVE-2024-47716 [MEDIUM] ARM: 9410/1: vfp: Use asm volatile in fmrx/fmxr macros ARM: 9410/1: vfp: Use asm volatile in fmrx/fmxr macros FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distr

CVE-2024-47753 [MEDIUM] CWE-476 media: mediatek: vcodec: Fix VP8 stateless decoder smatch warning media: mediatek: vcodec: Fix VP8 stateless decoder smatch warning FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source

CVE-2024-47715 [MEDIUM] wifi: mt76: mt7915: fix oops on non-dbdc mt7986 wifi: mt76: mt7915: fix oops on non-dbdc mt7986 FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed.

CVE-2024-47739 [MEDIUM] CWE-190 padata: use integer wrap around to prevent deadlock on seq_nr overflow padata: use integer wrap around to prevent deadlock on seq_nr overflow FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the op

CVE-2024-47699 [MEDIUM] CWE-476 nilfs2: fix potential null-ptr-deref in nilfs_btree_insert() nilfs2: fix potential null-ptr-deref in nilfs_btree_insert() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries

CVE-2024-49978 [MEDIUM] CWE-476 gso: fix udp gso fraglist segmentation after pull from frag_list gso: fix udp gso fraglist segmentation after pull from frag_list FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source li

CVE-2024-21197 [MEDIUM] Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 8.0.39 and prior 8.4.2 and prior and 9.0.1 and prior. Easi Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 8.0.39 and prior 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network acc

CVE-2024-47704 [MEDIUM] CWE-476 drm/amd/display: Check link_res->hpo_dp_link_enc before using it drm/amd/display: Check link_res->hpo_dp_link_enc before using it FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source li

CVE-2024-49859 [MEDIUM] CWE-362 f2fs: fix to check atomic_file in f2fs ioctl interfaces f2fs: fix to check atomic_file in f2fs ioctl interfaces FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which

CVE-2024-47720 [MEDIUM] CWE-476 drm/amd/display: Add null check for set_output_gamma in dcn30_set_output_transfer_func drm/amd/display: Add null check for set_output_gamma in dcn30_set_output_transfer_func FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent an

CVE-2024-50045 [MEDIUM] CWE-476 netfilter: br_netfilter: fix panic with metadata_dst skb netfilter: br_netfilter: fix panic with metadata_dst skb FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with whi

CVE-2024-47712 [MEDIUM] CWE-476 wifi: wilc1000: fix potential RCU dereference issue in wilc_parse_join_bss_param wifi: wilc1000: fix potential RCU dereference issue in wilc_parse_join_bss_param FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secur

CVE-2024-21213 [MEDIUM] Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.39 and prior 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulne Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.39 and prior 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure whe

CVE-2024-47692 [MEDIUM] CWE-476 nfsd: return -EINVAL when namelen is 0 nfsd: return -EINVAL when namelen is 0 FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft

CVE-2024-47678 [MEDIUM] CWE-203 icmp: change the order of rate limits icmp: change the order of rate limits FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft i

CVE-2024-50602 [MEDIUM] CWE-754 An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser. An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulne

CVE-2024-50002 [MEDIUM] CWE-755 static_call: Handle module init failure correctly in static_call_del_module() static_call: Handle module init failure correctly in static_call_del_module() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure vers

CVE-2024-49870 [MEDIUM] CWE-401 cachefiles: fix dentry leak in cachefiles_open_file() cachefiles: fix dentry leak in cachefiles_open_file() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the

CVE-2024-50041 [MEDIUM] CWE-401 i40e: Fix macvlan leak by synchronizing access to mac_filter_hash i40e: Fix macvlan leak by synchronizing access to mac_filter_hash FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source

CVE-2024-47674 [MEDIUM] CWE-459 mm: avoid leaving partial pfn mappings around in error case mm: avoid leaving partial pfn mappings around in error case FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries wi