Msrc Cbl2 Kernel 5.15.173.1-2 On Cbl Mariner 2.0 vulnerabilities

CVE-2024-53150 [HIGH] ALSA: usb-audio: Fix out of bounds reads when finding clock sources ALSA: usb-audio: Fix out of bounds reads when finding clock sources FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source librar

CVE-2024-56640 [HIGH] net/smc: fix LGR and link use-after-free issue net/smc: fix LGR and link use-after-free issue FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Mic

CVE-2024-53156 [HIGH] CWE-129 wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the op

CVE-2024-56595 [HIGH] jfs: add a check to prevent array-index-out-of-bounds in dbAdjTree jfs: add a check to prevent array-index-out-of-bounds in dbAdjTree FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source librarie

CVE-2024-56704 [HIGH] 9p/xen: fix release of IRQ 9p/xen: fix release of IRQ FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in t

CVE-2024-53227 [HIGH] CWE-416 scsi: bfa: Fix use-after-free in bfad_im_module_exit() scsi: bfa: Fix use-after-free in bfad_im_module_exit() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the

CVE-2024-56605 [HIGH] CWE-416 Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most sec

CVE-2024-56602 [HIGH] CWE-416 net: ieee802154: do not leave a dangling sk pointer in ieee802154_create() net: ieee802154: do not leave a dangling sk pointer in ieee802154_create() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of

CVE-2024-53239 [HIGH] CWE-416 ALSA: 6fire: Release resources at card release ALSA: 6fire: Release resources at card release FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is compo

CVE-2024-53155 [HIGH] CWE-908 ocfs2: fix uninitialized value in ocfs2_file_read_iter() ocfs2: fix uninitialized value in ocfs2_file_read_iter() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which

CVE-2024-56623 [MEDIUM] scsi: qla2xxx: Fix use after free on unload scsi: qla2xxx: Fix use after free on unload FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microso

CVE-2024-56601 [HIGH] net: inet: do not leave a dangling sk pointer in inet_create() net: inet: do not leave a dangling sk pointer in inet_create() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with w

CVE-2024-53206 [HIGH] tcp: Fix use-after-free of nreq in reqsk_timer_handler(). tcp: Fix use-after-free of nreq in reqsk_timer_handler(). FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the d

CVE-2024-56708 [HIGH] CWE-415 EDAC/igen6: Avoid segmentation fault on module unload EDAC/igen6: Avoid segmentation fault on module unload FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the d

CVE-2024-56596 [HIGH] CWE-129 jfs: fix array-index-out-of-bounds in jfs_readdir jfs: fix array-index-out-of-bounds in jfs_readdir FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is

CVE-2024-56603 [HIGH] CWE-416 net: af_can: do not leave a dangling sk pointer in can_create() net: af_can: do not leave a dangling sk pointer in can_create() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source librar

CVE-2024-56614 [HIGH] xsk: fix OOB map writes when deleting elements xsk: fix OOB map writes when deleting elements FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Mic

CVE-2024-56606 [HIGH] CWE-416 af_packet: avoid erroring out after sock_init_data() in packet_create() af_packet: avoid erroring out after sock_init_data() in packet_create() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the op

CVE-2024-53237 [HIGH] Bluetooth: fix use-after-free in device_for_each_child() Bluetooth: fix use-after-free in device_for_each_child() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the dis

CVE-2024-56615 [HIGH] CWE-787 bpf: fix OOB devmap writes when deleting elements bpf: fix OOB devmap writes when deleting elements FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is