Msrc Cbl2 Kernel 5.15.153.1-1 On Cbl Mariner 2.0 vulnerabilities
24 known vulnerabilities affecting msrc/cbl2_kernel_5.15.153.1-1_on_cbl_mariner_2.0.
Total CVEs: 24
CISA KEV: 2 (actively exploited)
Public exploits: 0
Exploited in wild: 2
Severity breakdown: HIGH 15, MEDIUM 9
Vulnerabilities
Page 1 of 2
CVE-2023-52434 | HIGH | CVSS 8.0 | 2024-02-13
CVE-2023-52434 [HIGH] CWE-119 smb: client: fix potential OOBs in smb2_parse_contexts()
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which
msrc
CVE-2023-52435 | MEDIUM | CVSS 5.5 | 2024-02-13
CVE-2023-52435 [MEDIUM] CWE-119 net: prevent mss overflow in skb_segment()
CVE-2023-52429 | MEDIUM | CVSS 5.5 | 2024-02-13
CVE-2023-52429 [MEDIUM] CWE-754 dm_table_create in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to (in alloc_targets) allocate more than INT_MAX bytes and crash because of a missing check for struct dm_ioctl.target_count.
CVE-2024-0562 | HIGH | CVSS 7.8 | 2024-01-09
CVE-2024-0562 [HIGH] CWE-416 Kernel: use-after-free after removing device in wb_inode_writeback_end in mm/page-writeback.c
CVE-2022-2586 | HIGH | CVSS 7.8 | KEV | 2024-01-09
CVE-2022-2586 [MEDIUM] CWE-416 It was discovered that a nft object or expression could reference a nft set on a different nft table leading to a use-after-free once that table was deleted.
CVE-2024-0646 | HIGH | CVSS 7.8 | 2024-01-09
CVE-2024-0646 [HIGH] CWE-787 Kernel: ktls overwrites readonly memory pages when using function splice with a ktls socket as destination
CVE-2023-6040 | HIGH | CVSS 7.8 | 2024-01-09
CVE-2023-6040 [HIGH] CWE-125 An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 (netfilter: nf_tables: Reject tables of unsupported family)
CVE-2022-2602 | HIGH | CVSS 7.0 | 2024-01-09
CVE-2022-2602 [MEDIUM] CWE-416 io_uring UAF Unix SCM garbage collection
CVE-2024-0775 | HIGH | CVSS 7.1 | 2024-01-09
CVE-2024-0775 [MEDIUM] CWE-416 Kernel: use-after-free while changing the mount option in __ext4_remount leading
CVE-2023-46838 | HIGH | CVSS 7.5 | 2024-01-09
CVE-2023-46838 [HIGH] CWE-476 Linux: netback processing of zero-length transmit fragment
CVE-2022-2585 | HIGH | CVSS 7.8 | 2024-01-09
CVE-2022-2585 [MEDIUM] CWE-416 It was discovered that when exec'ing from a non-leader thread armed POSIX CPU timers would be left on a list but freed leading to a use-after-free.
CVE-2022-2588 | HIGH | CVSS 7.8 | 2024-01-09
CVE-2022-2588 [MEDIUM] CWE-415 It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0.
CVE-2024-1086 | HIGH | CVSS 7.8 | KEV | 2024-01-09
CVE-2024-1086 [HIGH] CWE-416 Use-after-free in Linux kernel's netfilter: nf_tables component
CVE-2024-0565 | HIGH | CVSS 7.4 | 2024-01-09
CVE-2024-0565 [MEDIUM] CWE-191 Kernel: cifs filesystem decryption improper input validation remote code execution vulnerability in function receive_encrypted_standard of client
CVE-2023-6200 | HIGH | CVSS 7.5 | 2024-01-09
CVE-2023-6200 [HIGH] CWE-362 Kernel: icmpv6 router advertisement packets aka linux tcp/ip remote code execution vulnerability
CVE-2024-23850 | MEDIUM | CVSS 5.5 | 2024-01-09
CVE-2024-23850 [MEDIUM] CWE-617 In btrfs_get_root_ref in fs/btrfs/disk-io.c in the Linux kernel through 6.7.1 there can be an assertion failure and crash because a subvolume can be read out too soon after its root item is inserted upon subvolume creation.
CVE-2024-23849 | MEDIUM | CVSS 5.5 | 2024-01-09
CVE-2024-23849 [MEDIUM] CWE-193 In rds_recv_track_latency in net/rds/af_rds.c in the Linux kernel through 6.7.1 there is an off-by-one error for an RDS_MSG_RX_DGRAM_TRACE_MAX comparison resulting in out-of-bounds access.
CVE-2024-0340 | MEDIUM | CVSS 5.5 | 2024-01-09
CVE-2024-0340 [MEDIUM] CWE-200 Kernel: information disclosure in vhost/vhost.c:vhost_new_msg()
CVE-2024-23851 | MEDIUM | CVSS 5.5 | 2024-01-09
CVE-2024-23851 [MEDIUM] copy_params in drivers/md/dm-ioctl.c in the Linux kernel through 6.7.1 can attempt to allocate more than INT_MAX bytes and crash because of a missing param_kernel->data_size check. This is related to ctl_ioctl.
CVE-2023-6560 | MEDIUM | CVSS 5.5 | 2023-12-12
CVE-2023-6560 [MEDIUM] CWE-119 Kernel: io_uring out of boundary memory access in __io_uaddr_map()