Msrc Cbl Mariner 2.0 Arm vulnerabilities

CVE-2024-46832 [MEDIUM] MIPS: cevt-r4k: Don't call get_c0_compare_int if timer irq is installed MIPS: cevt-r4k: Don't call get_c0_compare_int if timer irq is installed FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open sou

CVE-2024-43800 [MEDIUM] CWE-79 serve-static affected by template injection that can lead to XSS serve-static affected by template injection that can lead to XSS FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source lib

CVE-2024-46737 [MEDIUM] CWE-476 nvmet-tcp: fix kernel crash if commands allocation fails nvmet-tcp: fix kernel crash if commands allocation fails FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with whi

CVE-2024-44958 [MEDIUM] sched/smt: Fix unbalance sched_smt_present dec/inc sched/smt: Fix unbalance sched_smt_present dec/inc FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is com

CVE-2024-46840 [MEDIUM] btrfs: clean up our handling of refs == 0 in snapshot delete btrfs: clean up our handling of refs == 0 in snapshot delete FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with whi

CVE-2024-46810 [MEDIUM] CWE-476 drm/bridge: tc358767: Check if fully initialized before signalling HPD event via IRQ drm/bridge: tc358767: Check if fully initialized before signalling HPD event via IRQ FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and mo

CVE-2024-45016 [MEDIUM] CWE-416 netem: fix return value if duplicate enqueue fails netem: fix return value if duplicate enqueue fails FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distr

CVE-2024-45021 [MEDIUM] CWE-476 memcg_write_event_control(): fix a user-triggerable oops memcg_write_event_control(): fix a user-triggerable oops FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with whi

CVE-2024-44947 [MEDIUM] CWE-665 fuse: Initialize beyond-EOF page contents before setting uptodate fuse: Initialize beyond-EOF page contents before setting uptodate FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source

CVE-2024-46676 [MEDIUM] CWE-369 nfc: pn533: Add poll mod list filling check nfc: pn533: Add poll mod list filling check FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed.

CVE-2024-46689 [MEDIUM] CWE-787 soc: qcom: cmd-db: Map shared memory as WC not WB soc: qcom: cmd-db: Map shared memory as WC not WB FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro

CVE-2024-44954 [MEDIUM] CWE-362 ALSA: line6: Fix racy access to midibuf ALSA: line6: Fix racy access to midibuf FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microso

CVE-2024-46807 [MEDIUM] CWE-476 drm/amd/amdgpu: Check tbo resource pointer drm/amd/amdgpu: Check tbo resource pointer FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. M

CVE-2024-46822 [MEDIUM] CWE-476 arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open sou

CVE-2024-46719 [MEDIUM] CWE-476 usb: typec: ucsi: Fix null pointer dereference in trace usb: typec: ucsi: Fix null pointer dereference in trace FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which

CVE-2024-46805 [MEDIUM] CWE-476 drm/amdgpu: fix the waring dereferencing hive drm/amdgpu: fix the waring dereferencing hive FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is compo

CVE-2024-45003 [MEDIUM] CWE-667 vfs: Don't evict inode under the inode lru traversing context vfs: Don't evict inode under the inode lru traversing context FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source librarie

CVE-2024-46732 [MEDIUM] CWE-369 drm/amd/display: Assign linear_pitch_alignment even for VM drm/amd/display: Assign linear_pitch_alignment even for VM FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with

CVE-2024-46675 [MEDIUM] usb: dwc3: core: Prevent USB core invalid event buffer address access usb: dwc3: core: Prevent USB core invalid event buffer address access FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source

CVE-2024-44971 [MEDIUM] CWE-401 net: dsa: bcm_sf2: Fix a possible memory leak in bcm_sf2_mdio_register() net: dsa: bcm_sf2: Fix a possible memory leak in bcm_sf2_mdio_register() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of th