Msrc Azure Linux 3.0 X64 vulnerabilities

CVE-2024-43796 [MEDIUM] CWE-79 express vulnerable to XSS via response.redirect() express vulnerable to XSS via response.redirect() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro i

CVE-2024-45025 [MEDIUM] CWE-787 fix bitmap corruption on close_range() with CLOSE_RANGE_UNSHARE fix bitmap corruption on close_range() with CLOSE_RANGE_UNSHARE FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libr

CVE-2024-45020 [MEDIUM] CWE-787 bpf: Fix a kernel verifier crash in stacksafe() bpf: Fix a kernel verifier crash in stacksafe() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is c

CVE-2024-46749 [MEDIUM] CWE-476 Bluetooth: btnxpuart: Fix Null pointer dereference in btnxpuart_flush() Bluetooth: btnxpuart: Fix Null pointer dereference in btnxpuart_flush() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the

CVE-2024-46791 [MEDIUM] CWE-667 can: mcp251x: fix deadlock if an interrupt occurs during mcp251x_open can: mcp251x: fix deadlock if an interrupt occurs during mcp251x_open FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open

CVE-2024-44995 [MEDIUM] CWE-667 net: hns3: fix a deadlock problem when config TC during resetting net: hns3: fix a deadlock problem when config TC during resetting FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source

CVE-2024-44990 [MEDIUM] CWE-476 bonding: fix null pointer deref in bond_ipsec_offload_ok bonding: fix null pointer deref in bond_ipsec_offload_ok FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with whi

CVE-2024-46795 [MEDIUM] CWE-476 ksmbd: unset the binding mark of a reused connection ksmbd: unset the binding mark of a reused connection FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the d

CVE-2024-46855 [MEDIUM] netfilter: nft_socket: fix sk refcount leaks netfilter: nft_socket: fix sk refcount leaks FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Micro

CVE-2024-46672 [MEDIUM] CWE-476 wifi: brcmfmac: cfg80211: Handle SSID based pmksa deletion wifi: brcmfmac: cfg80211: Handle SSID based pmksa deletion FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with

CVE-2024-46864 [MEDIUM] x86/hyperv: fix kexec crash due to VP assist page corruption x86/hyperv: fix kexec crash due to VP assist page corruption FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with whi

CVE-2024-46770 [MEDIUM] CWE-476 ice: Add netif_device_attach/detach into PF reset flow ice: Add netif_device_attach/detach into PF reset flow FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which t

CVE-2024-44984 [MEDIUM] bnxt_en: Fix double DMA unmapping for XDP_REDIRECT bnxt_en: Fix double DMA unmapping for XDP_REDIRECT FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is com

CVE-2024-46702 [MEDIUM] thunderbolt: Mark XDomain as unplugged when router is removed thunderbolt: Mark XDomain as unplugged when router is removed FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with w

CVE-2024-46863 [MEDIUM] ASoC: Intel: soc-acpi-intel-lnl-match: add missing empty item ASoC: Intel: soc-acpi-intel-lnl-match: add missing empty item FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with w

CVE-2024-8096 [MEDIUM] CWE-295 OCSP stapling bypass with GnuTLS OCSP stapling bypass with GnuTLS FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed

CVE-2024-46680 [MEDIUM] Bluetooth: btnxpuart: Fix random crash seen while removing driver Bluetooth: btnxpuart: Fix random crash seen while removing driver FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source librarie

CVE-2024-46832 [MEDIUM] MIPS: cevt-r4k: Don't call get_c0_compare_int if timer irq is installed MIPS: cevt-r4k: Don't call get_c0_compare_int if timer irq is installed FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open sou

CVE-2024-46857 [MEDIUM] CWE-476 net/mlx5: Fix bridge mode operations when there are no VFs net/mlx5: Fix bridge mode operations when there are no VFs FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with

CVE-2024-46695 [MEDIUM] CWE-276 selinuxsmack: don't bypass permissions check in inode_setsecctx hook selinuxsmack: don't bypass permissions check in inode_setsecctx hook FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open s