Msrc Azure Linux 3.0 X64 vulnerabilities

CVE-2024-49853 [HIGH] CWE-415 firmware: arm_scmi: Fix double free in OPTEE transport firmware: arm_scmi: Fix double free in OPTEE transport FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the

CVE-2024-49924 [HIGH] CWE-416 fbdev: pxafb: Fix possible use after free in pxafb_task() fbdev: pxafb: Fix possible use after free in pxafb_task() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with whi

CVE-2024-49767 [MEDIUM] CWE-400 Werkzeug possible resource exhaustion when parsing file data in forms Werkzeug possible resource exhaustion when parsing file data in forms FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open

CVE-2024-49992 [HIGH] CWE-416 drm/stm: Avoid use-after-free issues with crtc and plane drm/stm: Avoid use-after-free issues with crtc and plane FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which

CVE-2024-49931 [HIGH] CWE-129 wifi: ath12k: fix array out-of-bound access in SoC stats wifi: ath12k: fix array out-of-bound access in SoC stats FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which

CVE-2024-49761 [MEDIUM] CWE-1333 REXML ReDoS vulnerability REXML ReDoS vulnerability FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transpar

CVE-2024-47723 [HIGH] CWE-125 jfs: fix out-of-bounds in dbNextAG() and diAlloc() jfs: fix out-of-bounds in dbNextAG() and diAlloc() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro

CVE-2024-49894 [HIGH] CWE-129 drm/amd/display: Fix index out of bounds in degamma hardware format translation drm/amd/display: Fix index out of bounds in degamma hardware format translation FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure ve

CVE-2024-49986 [HIGH] CWE-416 platform/x86: x86-android-tablets: Fix use after free on platform_device_register() errors platform/x86: x86-android-tablets: Fix use after free on platform_device_register() errors FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most rec

CVE-2024-49855 [HIGH] CWE-416 nbd: fix race between timeout and normal completion nbd: fix race between timeout and normal completion FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distr

CVE-2024-49903 [HIGH] CWE-416 jfs: Fix uaf in dbFreeBits jfs: Fix uaf in dbFreeBits FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transpare

CVE-2024-47741 [HIGH] CWE-362 btrfs: fix race setting file private on concurrent lseek using same fd btrfs: fix race setting file private on concurrent lseek using same fd FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open

CVE-2024-47742 [HIGH] CWE-22 firmware_loader: Block path traversal firmware_loader: Block path traversal FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is c

CVE-2024-49884 [HIGH] CWE-416 ext4: fix slab-use-after-free in ext4_split_extent_at() ext4: fix slab-use-after-free in ext4_split_extent_at() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which t

CVE-2024-49883 [HIGH] CWE-416 ext4: aovid use-after-free in ext4_ext_insert_extent() ext4: aovid use-after-free in ext4_ext_insert_extent() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the

CVE-2024-49860 [HIGH] CWE-843 ACPI: sysfs: validate return type of _STR method ACPI: sysfs: validate return type of _STR method FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is c

CVE-2024-47751 [HIGH] CWE-120 PCI: kirin: Fix buffer overflow in kirin_pcie_parse_port() PCI: kirin: Fix buffer overflow in kirin_pcie_parse_port() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with w

CVE-2024-50047 [HIGH] CWE-416 smb: client: fix UAF in async decryption smb: client: fix UAF in async decryption FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microso

CVE-2024-49854 [HIGH] CWE-416 block bfq: fix uaf for accessing waker_bfqq after splitting block bfq: fix uaf for accessing waker_bfqq after splitting FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with

CVE-2024-49874 [HIGH] CWE-416 i3c: master: svc: Fix use after free vulnerability in svc_i3c_master Driver Due to Race Condition i3c: master: svc: Fix use after free vulnerability in svc_i3c_master Driver Due to Race Condition FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date wit