Msrc Azure Linux 3.0 X64 vulnerabilities

CVE-2024-34062 [MEDIUM] CWE-74 tqdm CLI arguments injection attack tqdm CLI arguments injection attack FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is com

CVE-2024-27031 [MEDIUM] CWE-667 NFS: Fix nfs_netfs_issue_read() xarray locking for writeback interrupt NFS: Fix nfs_netfs_issue_read() xarray locking for writeback interrupt FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the op

CVE-2023-52662 [MEDIUM] CWE-401 drm/vmwgfx: fix a memleak in vmw_gmrid_man_get_node drm/vmwgfx: fix a memleak in vmw_gmrid_man_get_node FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the dis

CVE-2024-35176 [MEDIUM] CWE-400 REXML contains a denial of service vulnerability REXML contains a denial of service vulnerability FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is

CVE-2024-27388 [MEDIUM] CWE-401 SUNRPC: fix some memleaks in gssx_dec_option_array SUNRPC: fix some memleaks in gssx_dec_option_array FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distr

CVE-2024-27067 [MEDIUM] xen/evtchn: avoid WARN() when unbinding an event channel xen/evtchn: avoid WARN() when unbinding an event channel FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the d

CVE-2024-27982 [MEDIUM] The team has identified a critical vulnerability in the http server of the most recent version of Node where malformed headers can lead to HTTP request smuggling. Specifically if a space is placed bef The team has identified a critical vulnerability in the http server of the most recent version of Node where malformed headers can lead to HTTP request smuggling. Specifically if a space is placed before a content-length header it is not interpreted correctly enabling attack

CVE-2024-27432 [MEDIUM] net: ethernet: mtk_eth_soc: fix PPE hanging issue net: ethernet: mtk_eth_soc: fix PPE hanging issue FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is compo

CVE-2024-27013 [MEDIUM] CWE-770 tun: limit printing rate when illegal packet received by tun dev tun: limit printing rate when illegal packet received by tun dev FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source li

CVE-2024-26993 [MEDIUM] fs: sysfs: Fix reference leak in sysfs_break_active_protection() fs: sysfs: Fix reference leak in sysfs_break_active_protection() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries

CVE-2024-27017 [MEDIUM] netfilter: nft_set_pipapo: walk over current view on netlink dump netfilter: nft_set_pipapo: walk over current view on netlink dump FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source librarie

CVE-2024-26987 [MEDIUM] CWE-667 mm/memory-failure: fix deadlock when hugetlb_optimize_vmemmap is enabled mm/memory-failure: fix deadlock when hugetlb_optimize_vmemmap is enabled FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of th

CVE-2024-27076 [MEDIUM] CWE-401 media: imx: csc/scaler: fix v4l2_ctrl_handler memory leak media: imx: csc/scaler: fix v4l2_ctrl_handler memory leak FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with w

CVE-2024-26975 [MEDIUM] CWE-476 powercap: intel_rapl: Fix a NULL pointer dereference powercap: intel_rapl: Fix a NULL pointer dereference FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the d

CVE-2024-1298 [MEDIUM] CWE-369 Integer Overflow caused by divide by zero during S3 suspension Integer Overflow caused by divide by zero during S3 suspension FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source librari

CVE-2024-26986 [MEDIUM] CWE-401 drm/amdkfd: Fix memory leak in create_process failure drm/amdkfd: Fix memory leak in create_process failure FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the

CVE-2024-4603 [MEDIUM] CWE-606 Excessive time spent checking DSA keys and parameters Excessive time spent checking DSA keys and parameters FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the

CVE-2024-26973 [MEDIUM] fat: fix uninitialized field in nostale filehandles fat: fix uninitialized field in nostale filehandles FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is c

CVE-2024-27068 [MEDIUM] CWE-401 thermal/drivers/mediatek/lvts_thermal: Fix a memory leak in an error handling path thermal/drivers/mediatek/lvts_thermal: Fix a memory leak in an error handling path FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most s

CVE-2024-27012 [MEDIUM] CWE-401 netfilter: nf_tables: restore set elements when delete set fails netfilter: nf_tables: restore set elements when delete set fails FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source li