Msrc Cbl2 Kernel 5.15.182.1-1 On Cbl Mariner 2.0 vulnerabilities

CVE-2025-37802 [MEDIUM] CWE-667 ksmbd: fix WARNING "do not call blocking ops when !TASK_RUNNING" ksmbd: fix WARNING "do not call blocking ops when !TASK_RUNNING" FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source li

CVE-2025-21967 [HIGH] ksmbd: fix use-after-free in ksmbd_free_work_struct ksmbd: fix use-after-free in ksmbd_free_work_struct FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is com

CVE-2025-21999 [HIGH] proc: fix UAF in proc_get_inode() proc: fix UAF in proc_get_inode() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to tra

CVE-2025-22004 [HIGH] CWE-416 net: atm: fix use after free in lec_send() net: atm: fix use after free in lec_send() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Mic

CVE-2025-22040 [HIGH] CWE-416 ksmbd: fix session use-after-free in multichannel connection ksmbd: fix session use-after-free in multichannel connection FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries wi

CVE-2025-21915 [HIGH] cdx: Fix possible UAF error in driver_override_show() cdx: Fix possible UAF error in driver_override_show() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is

CVE-2025-22041 [HIGH] CWE-416 ksmbd: fix use-after-free in ksmbd_sessions_deregister() ksmbd: fix use-after-free in ksmbd_sessions_deregister() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which

CVE-2025-22038 [HIGH] ksmbd: validate zero num_subauth before sub_auth is accessed ksmbd: validate zero num_subauth before sub_auth is accessed FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which

CVE-2025-21945 [HIGH] ksmbd: fix use-after-free in smb2_lock ksmbd: fix use-after-free in smb2_lock FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is commit

CVE-2025-21993 [HIGH] CWE-125 iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic() iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of th

CVE-2025-37838 [HIGH] HSI: ssi_protocol: Fix use after free vulnerability in ssi_protocol Driver Due to Race Condition HSI: ssi_protocol: Fix use after free vulnerability in ssi_protocol Driver Due to Race Condition FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most

CVE-2025-21991 [HIGH] CWE-129 x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the

CVE-2025-22062 [MEDIUM] CWE-476 sctp: add mutual exclusion in proc_sctp_do_udp_port() sctp: add mutual exclusion in proc_sctp_do_udp_port() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the

CVE-2025-22037 [MEDIUM] CWE-476 ksmbd: fix null pointer dereference in alloc_preauth_hash() ksmbd: fix null pointer dereference in alloc_preauth_hash() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries wi

CVE-2025-37925 [MEDIUM] jfs: reject on-disk inodes of an unsupported type jfs: reject on-disk inodes of an unsupported type FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is compo

CVE-2025-22007 [MEDIUM] CWE-476 Bluetooth: Fix error code in chan_alloc_skb_cb() Bluetooth: Fix error code in chan_alloc_skb_cb() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is

CVE-2025-22010 [MEDIUM] CWE-667 RDMA/hns: Fix soft lockup during bt pages loop RDMA/hns: Fix soft lockup during bt pages loop FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is com

CVE-2024-58097 [MEDIUM] CWE-835 wifi: ath11k: fix RCU stall while reaping monitor destination ring wifi: ath11k: fix RCU stall while reaping monitor destination ring FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open sourc

CVE-2025-22027 [MEDIUM] CWE-362 media: streamzap: fix race between device disconnection and urb callback media: streamzap: fix race between device disconnection and urb callback NIST NVD Details: https://nvd.nist.gov/vuln/detail/CVE-2025-22027 FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to kee

CVE-2025-22014 [MEDIUM] soc: qcom: pdr: Fix the potential deadlock soc: qcom: pdr: Fix the potential deadlock FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft