Msrc Cbl2 Hdf5 1.14.6-1 On Cbl Mariner 2.0 vulnerabilities

CVE-2025-7067 [MEDIUM] CWE-122 HDF5 H5FScache.c H5FS__sinfo_serialize_node_cb heap-based overflow HDF5 H5FScache.c H5FS__sinfo_serialize_node_cb heap-based overflow FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source

CVE-2025-7068 [MEDIUM] CWE-401 HDF5 H5FL.c H5FL__malloc memory leak HDF5 H5FL.c H5FL__malloc memory leak FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is c

CVE-2025-6270 [MEDIUM] CWE-122 HDF5 H5FSsection.c H5FS__sect_find_node heap-based overflow HDF5 H5FSsection.c H5FS__sect_find_node heap-based overflow FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries wit

CVE-2025-6269 [MEDIUM] CWE-122 HDF5 H5Cimage.c H5C__reconstruct_cache_entry heap-based overflow HDF5 H5Cimage.c H5C__reconstruct_cache_entry heap-based overflow FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source lib

CVE-2025-6857 [MEDIUM] CWE-121 HDF5 H5Gnode.c H5G__node_cmp3 stack-based overflow HDF5 H5Gnode.c H5G__node_cmp3 stack-based overflow FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro

CVE-2025-6818 [MEDIUM] CWE-122 HDF5 H5Ochunk.c H5O__chunk_protect heap-based overflow HDF5 H5Ochunk.c H5O__chunk_protect heap-based overflow FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which th

CVE-2025-6816 [MEDIUM] CWE-122 HDF5 H5Ofsinfo.c H5O__fsinfo_encode heap-based overflow HDF5 H5Ofsinfo.c H5O__fsinfo_encode heap-based overflow FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which

CVE-2025-6858 [MEDIUM] CWE-476 HDF5 H5Centry.c H5C__flush_single_entry null pointer dereference HDF5 H5Centry.c H5C__flush_single_entry null pointer dereference FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source lib

CVE-2025-6750 [MEDIUM] CWE-122 HDF5 H5Omtime.c H5O__mtime_new_encode heap-based overflow HDF5 H5Omtime.c H5O__mtime_new_encode heap-based overflow FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with wh

CVE-2025-44905 [HIGH] CWE-122 hdf5 v1.14.6 was discovered to contain a heap buffer overflow via the H5Z__filter_scaleoffset function. hdf5 v1.14.6 was discovered to contain a heap buffer overflow via the H5Z__filter_scaleoffset function. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up

CVE-2025-44904 [HIGH] CWE-122 hdf5 v1.14.6 was discovered to contain a heap buffer overflow via the H5VM_memcpyvv function. hdf5 v1.14.6 was discovered to contain a heap buffer overflow via the H5VM_memcpyvv function. Mariner: Mariner mitre: mitre Customer Action Required: Yes

CVE-2025-2915 [MEDIUM] CWE-122 HDF5 H5Faccum.c H5F__accum_free heap-based overflow HDF5 H5Faccum.c H5F__accum_free heap-based overflow FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the dist

CVE-2025-2310 [MEDIUM] CWE-122 HDF5 Metadata Attribute Decoder H5MM_strndup heap-based overflow HDF5 Metadata Attribute Decoder H5MM_strndup heap-based overflow FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source lib

CVE-2025-2308 [MEDIUM] CWE-122 HDF5 Scale-Offset Filter H5Z__scaleoffset_decompress_one_byte heap-based overflow HDF5 Scale-Offset Filter H5Z__scaleoffset_decompress_one_byte heap-based overflow FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secu

CVE-2025-2153 [LOW] CWE-122 HDF5 h5 File H5SM.c H5SM_delete heap-based overflow HDF5 h5 File H5SM.c H5SM_delete heap-based overflow FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro

CVE-2025-2309 [MEDIUM] CWE-122 HDF5 Type Conversion Logic H5T__bit_copy heap-based overflow HDF5 Type Conversion Logic H5T__bit_copy heap-based overflow FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries w

CVE-2025-2924 [MEDIUM] CWE-122 HDF5 H5HLcache.c H5HL__fl_deserialize heap-based overflow HDF5 H5HLcache.c H5HL__fl_deserialize heap-based overflow FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with wh

CVE-2025-2914 [MEDIUM] CWE-122 HDF5 H5FScache.c H5FS__sinfo_Srialize_Sct_cb heap-based overflow HDF5 H5FScache.c H5FS__sinfo_Srialize_Sct_cb heap-based overflow FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source lib

CVE-2025-2912 [MEDIUM] CWE-122 HDF5 H5Omessage.c H5O_msg_flush heap-based overflow HDF5 H5Omessage.c H5O_msg_flush heap-based overflow FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the dist

CVE-2025-2926 [MEDIUM] CWE-476 HDF5 H5Ocache.c H5O__cache_chk_serialize null pointer dereference HDF5 H5Ocache.c H5O__cache_chk_serialize null pointer dereference FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source l