Msrc Cbl Mariner 2.0 Arm vulnerabilities

CVE-2024-44998 [HIGH] CWE-416 atm: idt77252: prevent use after free in dequeue_rx() atm: idt77252: prevent use after free in dequeue_rx() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the d

CVE-2024-6119 [HIGH] CWE-843 Possible denial of service in X.509 name checks Possible denial of service in X.509 name checks FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is comp

CVE-2024-45296 [HIGH] CWE-1333 path-to-regexp outputs backtracking regular expressions path-to-regexp outputs backtracking regular expressions FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which

CVE-2024-45590 [HIGH] CWE-405 body-parser vulnerable to denial of service when url encoding is enabled body-parser vulnerable to denial of service when url encoding is enabled FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the

CVE-2024-44999 [HIGH] CWE-908 gtp: pull network headers in gtp_dev_xmit() gtp: pull network headers in gtp_dev_xmit() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. M

CVE-2024-46814 [HIGH] CWE-129 drm/amd/display: Check msg_id before processing transcation drm/amd/display: Check msg_id before processing transcation FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with

CVE-2024-40898 [HIGH] CVE-2024-40898: NIST NVD Details: https://nvd NIST NVD Details: https://nvd.nist.gov/vuln/detail/CVE-2024-40898 Mariner: Mariner [email protected]: [email protected] Customer Action Required: Yes Exploit Status: DOS:N/A Remediation: httpd

CVE-2024-46746 [HIGH] CWE-416 HID: amd_sfh: free driver_data after destroying hid device HID: amd_sfh: free driver_data after destroying hid device FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with w

CVE-2024-46747 [HIGH] CWE-125 HID: cougar: fix slab-out-of-bounds Read in cougar_report_fixup HID: cougar: fix slab-out-of-bounds Read in cougar_report_fixup FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source librar

CVE-2024-46722 [HIGH] CWE-125 drm/amdgpu: fix mc_data out-of-bounds read warning drm/amdgpu: fix mc_data out-of-bounds read warning FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro

CVE-2024-6232 [HIGH] CWE-1333 Regular-expression DoS when parsing TarFile headers Regular-expression DoS when parsing TarFile headers FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distr

CVE-2024-46782 [HIGH] CWE-416 ila: call nf_unregister_net_hooks() sooner ila: call nf_unregister_net_hooks() sooner FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Mic

CVE-2024-46743 [HIGH] CWE-125 of/irq: Prevent device address out-of-bounds read in interrupt map walk of/irq: Prevent device address out-of-bounds read in interrupt map walk FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the op

CVE-2024-46731 [HIGH] CWE-125 drm/amd/pm: fix the Out-of-bounds read warning drm/amd/pm: fix the Out-of-bounds read warning FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is compo

CVE-2024-44974 [HIGH] CWE-416 mptcp: pm: avoid possible UaF when selecting endp mptcp: pm: avoid possible UaF when selecting endp FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is

CVE-2024-20505 [MEDIUM] CWE-125 ClamAV Memory Handling DoS ClamAV Memory Handling DoS FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transpa

CVE-2024-46844 [HIGH] CWE-824 um: line: always fill *error_out in setup_one_line() um: line: always fill *error_out in setup_one_line() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the dis

CVE-2024-46740 [HIGH] CWE-416 binder: fix UAF caused by offsets overwrite binder: fix UAF caused by offsets overwrite FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. M

CVE-2024-44987 [HIGH] CWE-416 ipv6: prevent UAF in ip6_send_skb() ipv6: prevent UAF in ip6_send_skb() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is comm

CVE-2024-46804 [HIGH] CWE-129 drm/amd/display: Add array index check for hdcp ddc access drm/amd/display: Add array index check for hdcp ddc access FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with w