Msrc Azure Linux 3.0 X64 vulnerabilities

CVE-2024-49959 [MEDIUM] jbd2: stop waiting for space when jbd2_cleanup_journal_tail() returns error jbd2: stop waiting for space when jbd2_cleanup_journal_tail() returns error FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the

CVE-2024-49987 [MEDIUM] CWE-476 bpftool: Fix undefined behavior in qsort(NULL 0 ...) bpftool: Fix undefined behavior in qsort(NULL 0 ...) FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the d

CVE-2024-47713 [MEDIUM] wifi: mac80211: use two-phase skb reclamation in ieee80211_do_stop() wifi: mac80211: use two-phase skb reclamation in ieee80211_do_stop() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source li

CVE-2024-49877 [MEDIUM] CWE-476 ocfs2: fix possible null-ptr-deref in ocfs2_set_buffer_uptodate ocfs2: fix possible null-ptr-deref in ocfs2_set_buffer_uptodate FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libr

CVE-2024-49892 [MEDIUM] CWE-369 drm/amd/display: Initialize get_bytes_per_element's default to 1 drm/amd/display: Initialize get_bytes_per_element's default to 1 FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source li

CVE-2024-49890 [MEDIUM] CWE-476 drm/amd/pm: ensure the fw_info is not null before using it drm/amd/pm: ensure the fw_info is not null before using it FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with

CVE-2024-47700 [MEDIUM] CWE-369 ext4: check stripe size compatibility on remount as well ext4: check stripe size compatibility on remount as well FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with whi

CVE-2024-47709 [MEDIUM] can: bcm: Clear bo->bcm_proc_read after remove_proc_entry(). can: bcm: Clear bo->bcm_proc_read after remove_proc_entry(). FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with whi

CVE-2024-50032 [MEDIUM] rcu/nocb: Fix rcuog wake-up from offline softirq rcu/nocb: Fix rcuog wake-up from offline softirq FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is compose

CVE-2024-47710 [MEDIUM] sock_map: Add a cond_resched() in sock_hash_free() sock_map: Add a cond_resched() in sock_hash_free() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is com

CVE-2024-47756 [MEDIUM] CWE-476 PCI: keystone: Fix if-statement expression in ks_pcie_quirk() PCI: keystone: Fix if-statement expression in ks_pcie_quirk() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source librarie

CVE-2024-47734 [MEDIUM] bonding: Fix unnecessary warnings and logs from bond_xdp_get_xmit_slave() bonding: Fix unnecessary warnings and logs from bond_xdp_get_xmit_slave() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open

CVE-2024-49867 [MEDIUM] CWE-416 btrfs: wait for fixup workers before stopping cleaner kthread during umount btrfs: wait for fixup workers before stopping cleaner kthread during umount FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions

CVE-2024-49953 [MEDIUM] CWE-672 net/mlx5e: Fix crash caused by calling __xfrm_state_delete() twice net/mlx5e: Fix crash caused by calling __xfrm_state_delete() twice FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open sourc

CVE-2024-49913 [MEDIUM] CWE-476 drm/amd/display: Add null check for top_pipe_to_program in commit_planes_for_stream drm/amd/display: Add null check for top_pipe_to_program in commit_planes_for_stream FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most

CVE-2024-21212 [MEDIUM] Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Health Monitor). Supported versions that are affected are 8.0.39 and prior and 8.4.0. Difficult to exploit vulnerability Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Health Monitor). Supported versions that are affected are 8.0.39 and prior and 8.4.0. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols t

CVE-2024-21194 [MEDIUM] Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.39 and prior 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulne Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.39 and prior 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple pro

CVE-2024-21230 [MEDIUM] Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.39 and prior 8.4.2 and prior and 9.0.1 and prior. Easily exploi Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.39 and prior 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via mu

CVE-2024-50062 [MEDIUM] CWE-476 RDMA/rtrs-srv: Avoid null pointer deref during path establishment RDMA/rtrs-srv: Avoid null pointer deref during path establishment FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source

CVE-2024-47672 [MEDIUM] wifi: iwlwifi: mvm: don't wait for tx queues if firmware is dead wifi: iwlwifi: mvm: don't wait for tx queues if firmware is dead FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries