Msrc Cbl2 Kernel 5.15.167.1-1 On Cbl Mariner 2.0 vulnerabilities

CVE-2024-46724 [HIGH] CWE-125 drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries wi

CVE-2024-44983 [HIGH] CWE-908 netfilter: flowtable: validate vlan header netfilter: flowtable: validate vlan header FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Mic

CVE-2024-46674 [HIGH] CWE-416 usb: dwc3: st: fix probed platform device ref count on probe error path usb: dwc3: st: fix probed platform device ref count on probe error path FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the op

CVE-2024-45026 [HIGH] CWE-787 s390/dasd: fix error recovery leading to data corruption on ESE devices s390/dasd: fix error recovery leading to data corruption on ESE devices FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the op

CVE-2024-46818 [HIGH] CWE-129 drm/amd/display: Check gpio_id before used as array index drm/amd/display: Check gpio_id before used as array index FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with whi

CVE-2024-44998 [HIGH] CWE-416 atm: idt77252: prevent use after free in dequeue_rx() atm: idt77252: prevent use after free in dequeue_rx() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the d

CVE-2024-44999 [HIGH] CWE-908 gtp: pull network headers in gtp_dev_xmit() gtp: pull network headers in gtp_dev_xmit() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. M

CVE-2024-46814 [HIGH] CWE-129 drm/amd/display: Check msg_id before processing transcation drm/amd/display: Check msg_id before processing transcation FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with

CVE-2024-46746 [HIGH] CWE-416 HID: amd_sfh: free driver_data after destroying hid device HID: amd_sfh: free driver_data after destroying hid device FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with w

CVE-2024-46747 [HIGH] CWE-125 HID: cougar: fix slab-out-of-bounds Read in cougar_report_fixup HID: cougar: fix slab-out-of-bounds Read in cougar_report_fixup FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source librar

CVE-2024-46722 [HIGH] CWE-125 drm/amdgpu: fix mc_data out-of-bounds read warning drm/amdgpu: fix mc_data out-of-bounds read warning FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro

CVE-2024-46782 [HIGH] CWE-416 ila: call nf_unregister_net_hooks() sooner ila: call nf_unregister_net_hooks() sooner FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Mic

CVE-2024-46743 [HIGH] CWE-125 of/irq: Prevent device address out-of-bounds read in interrupt map walk of/irq: Prevent device address out-of-bounds read in interrupt map walk FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the op

CVE-2024-46731 [HIGH] CWE-125 drm/amd/pm: fix the Out-of-bounds read warning drm/amd/pm: fix the Out-of-bounds read warning FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is compo

CVE-2024-44974 [HIGH] CWE-416 mptcp: pm: avoid possible UaF when selecting endp mptcp: pm: avoid possible UaF when selecting endp FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is

CVE-2024-46844 [HIGH] CWE-824 um: line: always fill *error_out in setup_one_line() um: line: always fill *error_out in setup_one_line() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the dis

CVE-2024-46740 [HIGH] CWE-416 binder: fix UAF caused by offsets overwrite binder: fix UAF caused by offsets overwrite FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. M

CVE-2024-44987 [HIGH] CWE-416 ipv6: prevent UAF in ip6_send_skb() ipv6: prevent UAF in ip6_send_skb() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is comm

CVE-2024-46804 [HIGH] CWE-129 drm/amd/display: Add array index check for hdcp ddc access drm/amd/display: Add array index check for hdcp ddc access FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with w

CVE-2024-44985 [HIGH] CWE-416 ipv6: prevent possible UAF in ip6_xmit() ipv6: prevent possible UAF in ip6_xmit() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microso