Msrc Cbl Mariner 2.0 X64 vulnerabilities

CVE-2024-50185 [MEDIUM] mptcp: handle consistently DSS corruption mptcp: handle consistently DSS corruption FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft i

CVE-2024-52337 [MEDIUM] CWE-20 Tuned: improper sanitization of `instance_name` parameter of the `instance_create()` method Tuned: improper sanitization of `instance_name` parameter of the `instance_create()` method FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most

CVE-2024-50095 [MEDIUM] RDMA/mad: Improve handling of timed out WRs of mad agent RDMA/mad: Improve handling of timed out WRs of mad agent FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the d

CVE-2024-50194 [MEDIUM] arm64: probes: Fix uprobes for big-endian kernels arm64: probes: Fix uprobes for big-endian kernels FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is compo

CVE-2024-53055 [MEDIUM] wifi: iwlwifi: mvm: fix 6 GHz scan construction wifi: iwlwifi: mvm: fix 6 GHz scan construction FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed.

CVE-2024-50202 [MEDIUM] CWE-755 nilfs2: propagate directory read errors from nilfs_find_entry() nilfs2: propagate directory read errors from nilfs_find_entry() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libr

CVE-2024-50093 [MEDIUM] thermal: intel: int340x: processor: Fix warning during module unload thermal: intel: int340x: processor: Fix warning during module unload FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source li

CVE-2024-50163 [MEDIUM] bpf: Make sure internal and UAPI bpf_redirect flags don't overlap bpf: Make sure internal and UAPI bpf_redirect flags don't overlap FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source librarie

CVE-2024-50103 [MEDIUM] CWE-476 ASoC: qcom: Fix NULL Dereference in asoc_qcom_lpass_cpu_platform_probe() ASoC: qcom: Fix NULL Dereference in asoc_qcom_lpass_cpu_platform_probe() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of th

CVE-2024-50116 [MEDIUM] nilfs2: fix kernel bug due to missing clearing of buffer delay flag nilfs2: fix kernel bug due to missing clearing of buffer delay flag FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libr

CVE-2024-50196 [MEDIUM] CWE-754 pinctrl: ocelot: fix system hang on level based interrupts pinctrl: ocelot: fix system hang on level based interrupts FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with

CVE-2024-53052 [MEDIUM] io_uring/rw: fix missing NOWAIT check for O_DIRECT start write io_uring/rw: fix missing NOWAIT check for O_DIRECT start write FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with

CVE-2024-50160 [MEDIUM] CWE-476 ALSA: hda/cs8409: Fix possible NULL dereference ALSA: hda/cs8409: Fix possible NULL dereference FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is c

CVE-2024-50148 [MEDIUM] Bluetooth: bnep: fix wild-memory-access in proto_unregister Bluetooth: bnep: fix wild-memory-access in proto_unregister FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which

CVE-2024-53063 [MEDIUM] media: dvbdev: prevent the risk of out of memory access media: dvbdev: prevent the risk of out of memory access FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the dis

CVE-2024-50245 [MEDIUM] fs/ntfs3: Fix possible deadlock in mi_read fs/ntfs3: Fix possible deadlock in mi_read FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft

CVE-2024-0134 [MEDIUM] CWE-61 NVIDIA Container Toolkit and NVIDIA GPU Operator for Linux contain a UNIX vulnerability where a specially crafted container image can lead to the creation of unauthorized files on the host. NVIDIA Container Toolkit and NVIDIA GPU Operator for Linux contain a UNIX vulnerability where a specially crafted container image can lead to the creation of unauthorized files on the host. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and

CVE-2024-50265 [MEDIUM] ocfs2: remove entry once instead of null-ptr-dereference in ocfs2_xa_remove() ocfs2: remove entry once instead of null-ptr-dereference in ocfs2_xa_remove() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of

CVE-2024-50188 [MEDIUM] net: phy: dp83869: fix memory corruption when enabling fiber net: phy: dp83869: fix memory corruption when enabling fiber FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with whi

CVE-2024-50229 [MEDIUM] CWE-667 nilfs2: fix potential deadlock with newly created symlinks nilfs2: fix potential deadlock with newly created symlinks FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with