Msrc Cbl Mariner 2.0 Arm vulnerabilities

CVE-2024-21196 [MEDIUM] Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: X Plugin). Supported versions that are affected are 8.0.39 and prior 8.4.2 and prior and 9.0.1 and prior. Easily exploit Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: X Plugin). Supported versions that are affected are 8.0.39 and prior 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via mul

CVE-2024-50031 [MEDIUM] drm/v3d: Stop the active perfmon before being destroyed drm/v3d: Stop the active perfmon before being destroyed FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the dis

CVE-2024-50040 [MEDIUM] igb: Do not bring the device up after non-fatal error igb: Do not bring the device up after non-fatal error FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro

CVE-2024-50001 [MEDIUM] CWE-755 net/mlx5: Fix error path in multi-packet WQE transmit net/mlx5: Fix error path in multi-packet WQE transmit FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the

CVE-2024-47693 [MEDIUM] CWE-459 IB/core: Fix ib_cache_setup_one error flow cleanup IB/core: Fix ib_cache_setup_one error flow cleanup FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distr

CVE-2024-49866 [MEDIUM] tracing/timerlat: Fix a race during cpuhp processing tracing/timerlat: Fix a race during cpuhp processing FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is

CVE-2024-50013 [MEDIUM] CWE-401 exfat: fix memory leak in exfat_load_bitmap() exfat: fix memory leak in exfat_load_bitmap() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is compo

CVE-2024-49962 [MEDIUM] CWE-476 ACPICA: check null return of ACPI_ALLOCATE_ZEROED() in acpi_db_convert_to_package() ACPICA: check null return of ACPI_ALLOCATE_ZEROED() in acpi_db_convert_to_package() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most

CVE-2024-49958 [MEDIUM] ocfs2: reserve space for inline xattr before attaching reflink tree ocfs2: reserve space for inline xattr before attaching reflink tree FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libr

CVE-2024-21231 [LOW] Vulnerability in the MySQL Server product of Oracle MySQL (component: Client programs). Supported versions that are affected are 8.0.39 and prior 8.4.2 and prior and 9.0.1 and prior. Difficult to ex Vulnerability in the MySQL Server product of Oracle MySQL (component: Client programs). Supported versions that are affected are 8.0.39 and prior 8.4.2 and prior and 9.0.1 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multi

CVE-2024-21237 [LOW] Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication GCS). Supported versions that are affected are 8.0.39 and prior 8.4.2 and prior and 9.0.1 and prior. D Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication GCS). Supported versions that are affected are 8.0.39 and prior 8.4.2 and prior and 9.0.1 and prior. Difficult to exploit vulnerability allows high privileged attacker with network a

CVE-2024-47814 [LOW] CWE-416 use-after-free when closing buffers in Vim use-after-free when closing buffers in Vim FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Micr

CVE-2024-50044 [LOW] CWE-667 Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source l

CVE-2024-9026 [LOW] CWE-158 PHP-FPM logs from children may be altered PHP-FPM logs from children may be altered FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microso

CVE-2024-21247 [LOW] Vulnerability in the MySQL Client product of Oracle MySQL (component: Client: mysqldump). Supported versions that are affected are 8.0.39 and prior 8.4.2 and prior and 9.0.1 and prior. Easily exploi Vulnerability in the MySQL Client product of Oracle MySQL (component: Client: mysqldump). Supported versions that are affected are 8.0.39 and prior 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via mult

CVE-2024-46724 [HIGH] CWE-125 drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries wi

CVE-2024-44983 [HIGH] CWE-908 netfilter: flowtable: validate vlan header netfilter: flowtable: validate vlan header FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Mic

CVE-2024-46674 [HIGH] CWE-416 usb: dwc3: st: fix probed platform device ref count on probe error path usb: dwc3: st: fix probed platform device ref count on probe error path FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the op

CVE-2024-45026 [HIGH] CWE-787 s390/dasd: fix error recovery leading to data corruption on ESE devices s390/dasd: fix error recovery leading to data corruption on ESE devices FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the op

CVE-2024-46818 [HIGH] CWE-129 drm/amd/display: Check gpio_id before used as array index drm/amd/display: Check gpio_id before used as array index FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with whi