Msrc Cbl Mariner 2.0 Arm vulnerabilities

CVE-2024-44985 [HIGH] CWE-416 ipv6: prevent possible UAF in ip6_xmit() ipv6: prevent possible UAF in ip6_xmit() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microso

CVE-2024-46798 [HIGH] CWE-416 ASoC: dapm: Fix UAF for snd_soc_pcm_runtime object ASoC: dapm: Fix UAF for snd_soc_pcm_runtime object FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro

CVE-2024-46738 [HIGH] CWE-416 VMCI: Fix use-after-free when removing resource in vmci_resource_remove() VMCI: Fix use-after-free when removing resource in vmci_resource_remove() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of th

CVE-2024-46759 [HIGH] CWE-191 hwmon: (adc128d818) Fix underflows seen when writing limit attributes hwmon: (adc128d818) Fix underflows seen when writing limit attributes FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open s

CVE-2024-46723 [HIGH] CWE-125 drm/amdgpu: fix ucode out-of-bounds read warning drm/amdgpu: fix ucode out-of-bounds read warning FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is c

CVE-2024-46673 [HIGH] CWE-415 scsi: aacraid: Fix double-free on probe failure scsi: aacraid: Fix double-free on probe failure FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is com

CVE-2024-46725 [HIGH] CWE-787 drm/amdgpu: Fix out-of-bounds write warning drm/amdgpu: Fix out-of-bounds write warning FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. M

CVE-2024-46800 [HIGH] CWE-416 sch/netem: fix use after free in netem_dequeue sch/netem: fix use after free in netem_dequeue FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is compo

CVE-2024-44986 [HIGH] CWE-416 ipv6: fix possible UAF in ip6_finish_output2() ipv6: fix possible UAF in ip6_finish_output2() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is compo

CVE-2024-46744 [HIGH] CWE-59 Squashfs: sanity check symbolic link size Squashfs: sanity check symbolic link size FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Micros

CVE-2024-46750 [MEDIUM] CWE-667 PCI: Add missing bridge lock to pci_bus_lock() PCI: Add missing bridge lock to pci_bus_lock() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is com

CVE-2024-43796 [MEDIUM] CWE-79 express vulnerable to XSS via response.redirect() express vulnerable to XSS via response.redirect() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro i

CVE-2024-45025 [MEDIUM] CWE-787 fix bitmap corruption on close_range() with CLOSE_RANGE_UNSHARE fix bitmap corruption on close_range() with CLOSE_RANGE_UNSHARE FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libr

CVE-2024-46791 [MEDIUM] CWE-667 can: mcp251x: fix deadlock if an interrupt occurs during mcp251x_open can: mcp251x: fix deadlock if an interrupt occurs during mcp251x_open FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open

CVE-2024-44995 [MEDIUM] CWE-667 net: hns3: fix a deadlock problem when config TC during resetting net: hns3: fix a deadlock problem when config TC during resetting FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source

CVE-2024-44990 [MEDIUM] CWE-476 bonding: fix null pointer deref in bond_ipsec_offload_ok bonding: fix null pointer deref in bond_ipsec_offload_ok FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with whi

CVE-2024-46795 [MEDIUM] CWE-476 ksmbd: unset the binding mark of a reused connection ksmbd: unset the binding mark of a reused connection FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the d

CVE-2024-46702 [MEDIUM] thunderbolt: Mark XDomain as unplugged when router is removed thunderbolt: Mark XDomain as unplugged when router is removed FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with w

CVE-2024-46863 [MEDIUM] ASoC: Intel: soc-acpi-intel-lnl-match: add missing empty item ASoC: Intel: soc-acpi-intel-lnl-match: add missing empty item FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with w

CVE-2024-8096 [MEDIUM] CWE-295 OCSP stapling bypass with GnuTLS OCSP stapling bypass with GnuTLS FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed