Msrc Cbl Mariner 2.0 Arm vulnerabilities

CVE-2024-50128 [HIGH] CWE-125 net: wwan: fix global oob in wwan_rtnl_policy net: wwan: fix global oob in wwan_rtnl_policy FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is compose

CVE-2024-53061 [HIGH] CWE-191 media: s5p-jpeg: prevent buffer overflows media: s5p-jpeg: prevent buffer overflows FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Micro

CVE-2024-50269 [HIGH] CWE-416 usb: musb: sunxi: Fix accessing an released usb phy usb: musb: sunxi: Fix accessing an released usb phy FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distr

CVE-2024-50150 [HIGH] CWE-416 usb: typec: altmode should keep reference to parent usb: typec: altmode should keep reference to parent FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distr

CVE-2024-50209 [HIGH] RDMA/bnxt_re: Add a check for memory allocation RDMA/bnxt_re: Add a check for memory allocation FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. M

CVE-2024-50264 [HIGH] CWE-416 vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions

CVE-2024-50267 [HIGH] CWE-416 USB: serial: io_edgeport: fix use after free in debug printk USB: serial: io_edgeport: fix use after free in debug printk FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries wi

CVE-2024-50115 [HIGH] CWE-125 KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with

CVE-2024-50278 [HIGH] CWE-125 dm cache: fix potential out-of-bounds access on the first resume dm cache: fix potential out-of-bounds access on the first resume FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libr

CVE-2024-50296 [MEDIUM] net: hns3: fix kernel crash when uninstalling driver net: hns3: fix kernel crash when uninstalling driver FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is

CVE-2024-50273 [MEDIUM] CWE-908 btrfs: reinitialize delayed ref list after deleting it from the list btrfs: reinitialize delayed ref list after deleting it from the list FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open s

CVE-2024-50182 [MEDIUM] secretmem: disable memfd_secret() if arch cannot set direct map secretmem: disable memfd_secret() if arch cannot set direct map FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries wi

CVE-2024-50251 [MEDIUM] netfilter: nft_payload: sanitize offset and length before calling skb_checksum() netfilter: nft_payload: sanitize offset and length before calling skb_checksum() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versio

CVE-2024-50179 [MEDIUM] ceph: remove the incorrect Fw reference check when dirtying pages ceph: remove the incorrect Fw reference check when dirtying pages FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source librarie

CVE-2024-50117 [MEDIUM] drm/amd: Guard against bad data for ATIF ACPI method drm/amd: Guard against bad data for ATIF ACPI method FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is

CVE-2024-50168 [MEDIUM] net/sun3_82586: fix potential memory leak in sun3_82586_send_packet() net/sun3_82586: fix potential memory leak in sun3_82586_send_packet() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source

CVE-2024-36621 [MEDIUM] CWE-362 moby v25.0.5 is affected by a Race Condition in builder/builder-next/adapters/snapshot/layer.go. The vulnerability could be used to trigger concurrent builds that call the EnsureLayer function resulti moby v25.0.5 is affected by a Race Condition in builder/builder-next/adapters/snapshot/layer.go. The vulnerability could be used to trigger concurrent builds that call the EnsureLayer function resulting in resource leaks/exhaustion. FAQ: Is Azure Linux the only Micr

CVE-2024-50201 [MEDIUM] drm/radeon: Fix encoder->possible_clones drm/radeon: Fix encoder->possible_clones FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is

CVE-2024-50096 [MEDIUM] nouveau/dmem: Fix vulnerability in migrate_to_ram upon copy error nouveau/dmem: Fix vulnerability in migrate_to_ram upon copy error FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source librarie

CVE-2024-50198 [MEDIUM] iio: light: veml6030: fix IIO device retrieval from embedded device iio: light: veml6030: fix IIO device retrieval from embedded device FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libr