Msrc Cbl2 Kernel 5.15.173.1-1 On Cbl Mariner 2.0 vulnerabilities

CVE-2024-56651 [HIGH] CWE-416 can: hi311x: hi3110_can_ist(): fix potential use-after-free can: hi311x: hi3110_can_ist(): fix potential use-after-free FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with

CVE-2024-53108 [HIGH] drm/amd/display: Adjust VSDB parser for replay feature drm/amd/display: Adjust VSDB parser for replay feature FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro

CVE-2024-56672 [HIGH] CWE-416 blk-cgroup: Fix UAF in blkcg_unpin_online() blk-cgroup: Fix UAF in blkcg_unpin_online() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. M

CVE-2024-56657 [MEDIUM] ALSA: control: Avoid WARN() for symlink errors ALSA: control: Avoid WARN() for symlink errors FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. M

CVE-2024-56748 [MEDIUM] scsi: qedf: Fix a possible memory leak in qedf_alloc_and_init_sb() scsi: qedf: Fix a possible memory leak in qedf_alloc_and_init_sb() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source librar

CVE-2024-50143 [HIGH] udf: fix uninit-value use in udf_get_fileshortad udf: fix uninit-value use in udf_get_fileshortad FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed.

CVE-2024-50230 [HIGH] nilfs2: fix kernel bug due to missing clearing of checked flag nilfs2: fix kernel bug due to missing clearing of checked flag FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with w

CVE-2024-50247 [HIGH] fs/ntfs3: Check if more than chunk-size bytes are written fs/ntfs3: Check if more than chunk-size bytes are written FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the d

CVE-2024-50193 [HIGH] x86/entry_32: Clear CPU buffers after register restore in NMI return x86/entry_32: Clear CPU buffers after register restore in NMI return FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libr

CVE-2024-53057 [HIGH] CWE-416 net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the

CVE-2024-50268 [HIGH] CWE-125 usb: typec: fix potential out of bounds in ucsi_ccg_update_set_new_cam_cmd() usb: typec: fix potential out of bounds in ucsi_ccg_update_set_new_cam_cmd() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions

CVE-2024-50127 [HIGH] CWE-416 net: sched: fix use-after-free in taprio_change() net: sched: fix use-after-free in taprio_change() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is

CVE-2024-53059 [HIGH] wifi: iwlwifi: mvm: Fix response handling in iwl_mvm_send_recovery_cmd() wifi: iwlwifi: mvm: Fix response handling in iwl_mvm_send_recovery_cmd() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open sou

CVE-2024-50257 [HIGH] CWE-416 netfilter: Fix use-after-free in get_info() netfilter: Fix use-after-free in get_info() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. M

CVE-2024-50186 [HIGH] CWE-416 net: explicitly clear the sk pointer, when pf->create fails net: explicitly clear the sk pointer, when pf->create fails FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with

CVE-2024-50151 [HIGH] CWE-787 smb: client: fix OOBs when building SMB2_IOCTL request smb: client: fix OOBs when building SMB2_IOCTL request FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the

CVE-2024-50154 [HIGH] CWE-416 tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink(). tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink(). FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries wi

CVE-2024-50262 [HIGH] CWE-787 bpf: Fix out-of-bounds write in trie_get_next_key() bpf: Fix out-of-bounds write in trie_get_next_key() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distr

CVE-2024-50279 [HIGH] dm cache: fix out-of-bounds access to the dirty bitset when resizing dm cache: fix out-of-bounds access to the dirty bitset when resizing FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libr

CVE-2024-50282 [HIGH] CWE-120 drm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read() drm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open sourc