Msrc Azure Linux 3.0 X64 vulnerabilities

CVE-2024-49996 [HIGH] CWE-120 cifs: Fix buffer overflow when parsing NFS reparse points cifs: Fix buffer overflow when parsing NFS reparse points FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with whi

CVE-2024-49995 [HIGH] tipc: guard against string buffer overrun tipc: guard against string buffer overrun FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is

CVE-2024-47691 [HIGH] CWE-416 f2fs: fix to avoid use-after-free in f2fs_stop_gc_thread() f2fs: fix to avoid use-after-free in f2fs_stop_gc_thread() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with w

CVE-2024-50036 [HIGH] net: do not delay dst_entries_add() in dst_release() net: do not delay dst_entries_add() in dst_release() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is c

CVE-2024-47745 [HIGH] CWE-670 mm: call the security_mmap_file() LSM hook in remap_file_pages() mm: call the security_mmap_file() LSM hook in remap_file_pages() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libr

CVE-2024-49981 [HIGH] CWE-362 media: venus: fix use after free bug in venus_remove due to race condition media: venus: fix use after free bug in venus_remove due to race condition FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of

CVE-2024-49900 [HIGH] CWE-908 jfs: Fix uninit-value access of new_ea in ea_buffer jfs: Fix uninit-value access of new_ea in ea_buffer FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distr

CVE-2024-47695 [HIGH] CWE-787 RDMA/rtrs-clt: Reset cid to con_num - 1 to stay in bounds RDMA/rtrs-clt: Reset cid to con_num - 1 to stay in bounds FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with whi

CVE-2024-49983 [HIGH] CWE-415 ext4: drop ppath from ext4_ext_replay_update_ex() to avoid double-free ext4: drop ppath from ext4_ext_replay_update_ex() to avoid double-free FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open

CVE-2024-47698 [HIGH] CWE-787 drivers: media: dvb-frontends/rtl2832: fix an out-of-bounds write error drivers: media: dvb-frontends/rtl2832: fix an out-of-bounds write error FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the op

CVE-2024-8926 [CRITICAL] CWE-78 PHP CGI Parameter Injection Vulnerability (CVE-2024-4577 bypass) PHP CGI Parameter Injection Vulnerability (CVE-2024-4577 bypass) FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source li

CVE-2024-47670 [HIGH] CWE-787 ocfs2: add bounds checking to ocfs2_xattr_find_entry() ocfs2: add bounds checking to ocfs2_xattr_find_entry() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the

CVE-2024-49960 [HIGH] CWE-416 ext4: fix timer use-after-free on failed mount ext4: fix timer use-after-free on failed mount FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is compo

CVE-2024-47730 [HIGH] CWE-416 crypto: hisilicon/qm - inject error before stopping queue crypto: hisilicon/qm - inject error before stopping queue FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with whi

CVE-2024-49989 [HIGH] CWE-415 drm/amd/display: fix double free issue during amdgpu module unload drm/amd/display: fix double free issue during amdgpu module unload FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source

CVE-2024-49852 [HIGH] CWE-416 scsi: elx: libefc: Fix potential use after free in efc_nport_vport_del() scsi: elx: libefc: Fix potential use after free in efc_nport_vport_del() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the

CVE-2024-47727 [HIGH] CWE-754 x86/tdx: Fix "in-kernel MMIO" check x86/tdx: Fix "in-kernel MMIO" check FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is comm

CVE-2024-50061 [HIGH] CWE-416 i3c: master: cdns: Fix use after free vulnerability in cdns_i3c_master Driver Due to Race Condition i3c: master: cdns: Fix use after free vulnerability in cdns_i3c_master Driver Due to Race Condition FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date

CVE-2024-47754 [MEDIUM] CWE-476 media: mediatek: vcodec: Fix H264 multi stateless decoder smatch warning media: mediatek: vcodec: Fix H264 multi stateless decoder smatch warning FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of th

CVE-2024-47684 [MEDIUM] CWE-476 tcp: check skb is non-NULL in tcp_rto_delta_us() tcp: check skb is non-NULL in tcp_rto_delta_us() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is