Msrc Cbl Mariner 2.0 Arm vulnerabilities

CVE-2015-5157 [HIGH] CVE-2015-5157: NIST NVD Details: https://nvd NIST NVD Details: https://nvd.nist.gov/vuln/detail/CVE-2015-5157 Mariner: Mariner [email protected]: [email protected] Customer Action Required: Yes Remediation: kernel Reference: https://nvd.nist.gov/vuln/detail/CVE-2015-5157

CVE-2013-4342 [HIGH] CVE-2013-4342: NIST NVD Details: https://nvd NIST NVD Details: https://nvd.nist.gov/vuln/detail/CVE-2013-4342 Mariner: Mariner [email protected]: [email protected] Customer Action Required: Yes Remediation: xinetd Reference: https://nvd.nist.gov/vuln/detail/CVE-2013-4342

CVE-2024-39291 [HIGH] CWE-120 drm/amdgpu: Fix buffer size in gfx_v9_4_3_init_ cp_compute_microcode() and rlc_microcode() drm/amdgpu: Fix buffer size in gfx_v9_4_3_init_ cp_compute_microcode() and rlc_microcode() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most rec

CVE-2014-3618 [HIGH] CVE-2014-3618: NIST NVD Details: https://nvd NIST NVD Details: https://nvd.nist.gov/vuln/detail/CVE-2014-3618 Mariner: Mariner [email protected]: [email protected] Customer Action Required: Yes Remediation: procmail Reference: https://nvd.nist.gov/vuln/detail/CVE-2014-3618

CVE-2024-38381 [HIGH] CWE-908 nfc: nci: Fix uninit-value in nci_rx_work nfc: nci: Fix uninit-value in nci_rx_work FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Micro

CVE-2008-2149 [HIGH] CVE-2008-2149: NIST NVD Details: https://nvd NIST NVD Details: https://nvd.nist.gov/vuln/detail/CVE-2008-2149 Mariner: Mariner [email protected]: [email protected] Customer Action Required: Yes Remediation: wordnet Reference: https://nvd.nist.gov/vuln/detail/CVE-2008-2149

CVE-2024-37370 [HIGH] In MIT Kerberos 5 (aka krb5) before 1.21.3 an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token causing the unwrapped token to appear truncated to the applicati In MIT Kerberos 5 (aka krb5) before 1.21.3 an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token causing the unwrapped token to appear truncated to the application. FAQ: Is Azure Linux the only Microsoft product that includes this open-s

CVE-2024-38577 [HIGH] CWE-120 rcu-tasks: Fix show_rcu_tasks_trace_gp_kthread buffer overflow rcu-tasks: Fix show_rcu_tasks_trace_gp_kthread buffer overflow FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source librarie

CVE-2024-38583 [HIGH] CWE-416 nilfs2: fix use-after-free of timer for log writer thread nilfs2: fix use-after-free of timer for log writer thread FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with whi

CVE-2024-0397 [HIGH] CWE-362 Memory race condition in ssl.SSLContext certificate store methods Memory race condition in ssl.SSLContext certificate store methods FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source lib

CVE-2024-29038 [MEDIUM] CWE-1283 tpm2 does not detect if quote was not generated by TPM tpm2 does not detect if quote was not generated by TPM FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which

CVE-2024-29040 [MEDIUM] CWE-502 Fapi Verify Quote: Does not detect if quote was not generated by TPM Fapi Verify Quote: Does not detect if quote was not generated by TPM FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open s

CVE-2013-6381 [MEDIUM] CVE-2013-6381: NIST NVD Details: https://nvd NIST NVD Details: https://nvd.nist.gov/vuln/detail/CVE-2013-6381 Mariner: Mariner [email protected]: [email protected] Customer Action Required: Yes Remediation: kernel Reference: https://nvd.nist.gov/vuln/detail/CVE-2013-6381

CVE-2014-9636 [MEDIUM] CVE-2014-9636: Mariner: Mariner cve@mitre Mariner: Mariner [email protected]: [email protected] Customer Action Required: Yes Remediation: CBL-Mariner Releases Reference: https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade

CVE-2015-7696 [MEDIUM] CVE-2015-7696: Mariner: Mariner cve@mitre Mariner: Mariner [email protected]: [email protected] Customer Action Required: Yes Remediation: CBL-Mariner Releases Reference: https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade

CVE-2007-2768 [MEDIUM] CVE-2007-2768: Mariner: Mariner cve@mitre Mariner: Mariner [email protected]: [email protected] Customer Action Required: Yes Remediation: CBL-Mariner Releases Reference: https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade

CVE-2023-52890 [MEDIUM] NTFS-3G before 75dcdc2 has a use-after-free in ntfs_uppercase_mbs in libntfs-3g/unistr.c. NOTE: discussion suggests that exploitation would be challenging. NTFS-3G before 75dcdc2 has a use-after-free in ntfs_uppercase_mbs in libntfs-3g/unistr.c. NOTE: discussion suggests that exploitation would be challenging. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main

CVE-2024-6104 [MEDIUM] CWE-532 go-retryablehttp can leak basic auth credentials to log files go-retryablehttp can leak basic auth credentials to log files FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries

CVE-2014-3185 [MEDIUM] CVE-2014-3185: NIST NVD Details: https://nvd NIST NVD Details: https://nvd.nist.gov/vuln/detail/CVE-2014-3185 Mariner: Mariner [email protected]: [email protected] Customer Action Required: Yes Remediation: kernel Reference: https://nvd.nist.gov/vuln/detail/CVE-2014-3185

CVE-2015-7697 [MEDIUM] CVE-2015-7697: Mariner: Mariner cve@mitre Mariner: Mariner [email protected]: [email protected] Customer Action Required: Yes Remediation: CBL-Mariner Releases Reference: https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade