Msrc Cbl Mariner 2.0 X64 vulnerabilities

CVE-2021-33643 [CRITICAL] CWE-125 An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longlink causing an out-of-bounds read. An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longlink causing an out-of-bounds read. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is ther

CVE-2022-37434 [CRITICAL] CWE-787 zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. S zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but

CVE-2021-33646 [HIGH] CWE-401 The th_read() function doesn’t free a variable t->th_buf.gnu_longname after allocating memory which may cause a memory leak. The th_read() function doesn’t free a variable t->th_buf.gnu_longname after allocating memory which may cause a memory leak. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Li

CVE-2021-33644 [HIGH] CWE-125 An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longname causing an out-of-bounds read. An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longname causing an out-of-bounds read. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefor

CVE-2022-1552 [HIGH] CWE-459 A flaw was found in PostgreSQL. There is an issue with incomplete efforts to operate safely when a privileged user is maintaining another user's objects. The Autovacuum REINDEX CREATE INDEX REFRESH MA A flaw was found in PostgreSQL. There is an issue with incomplete efforts to operate safely when a privileged user is maintaining another user's objects. The Autovacuum REINDEX CREATE INDEX REFRESH MATERIALIZED VIEW CLUSTER and pg_amcheck commands activated relevant pro

CVE-2022-3028 [HIGH] CWE-362 A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local at A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel he

CVE-2022-1976 [HIGH] CWE-416 A flaw was found in the Linux kernel’s implementation of IO-URING. This flaw allows an attacker with local executable permission to create a string of requests that can cause a use-after-free flaw wit A flaw was found in the Linux kernel’s implementation of IO-URING. This flaw allows an attacker with local executable permission to create a string of requests that can cause a use-after-free flaw within the kernel. This issue leads to memory corruption and possible pri

CVE-2022-0358 [HIGH] CWE-273 A flaw was found in the QEMU virtio-fs shared file system daemon (virtiofsd) implementation. This flaw is strictly related to CVE-2018-13405. A local guest user can create files in the directories sha A flaw was found in the QEMU virtio-fs shared file system daemon (virtiofsd) implementation. This flaw is strictly related to CVE-2018-13405. A local guest user can create files in the directories shared by virtio-fs with unintended group ownership in a scenario where a

CVE-2022-0135 [HIGH] CWE-787 An out-of-bounds write issue was found in the VirGL virtual OpenGL renderer (virglrenderer). This flaw allows a malicious guest to create a specially crafted virgil resource and then issue a VIRTGPU_E An out-of-bounds write issue was found in the VirGL virtual OpenGL renderer (virglrenderer). This flaw allows a malicious guest to create a specially crafted virgil resource and then issue a VIRTGPU_EXECBUFFER ioctl leading to a denial of service or possible code execut

CVE-2022-3037 [HIGH] CWE-416 Use After Free in vim/vim Use After Free in vim/vim FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency

CVE-2022-3016 [HIGH] CWE-416 Use After Free in vim/vim Use After Free in vim/vim FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency

CVE-2021-3929 [HIGH] CWE-416 A DMA reentrancy issue was found in the NVM Express Controller (NVME) emulation in QEMU. This CVE is similar to CVE-2021-3750 and just like it when the reentrancy write triggers the reset function nvm A DMA reentrancy issue was found in the NVM Express Controller (NVME) emulation in QEMU. This CVE is similar to CVE-2021-3750 and just like it when the reentrancy write triggers the reset function nvme_ctrl_reset() data structs will be freed leading to a use-after-free

CVE-2021-33645 [HIGH] CWE-401 The th_read() function doesn’t free a variable t->th_buf.gnu_longlink after allocating memory which may cause a memory leak. The th_read() function doesn’t free a variable t->th_buf.gnu_longlink after allocating memory which may cause a memory leak. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Li

CVE-2022-1199 [HIGH] CWE-416 A flaw was found in the Linux kernel. This flaw allows an attacker to crash the Linux kernel by simulating amateur radio from the user space resulting in a null-ptr-deref vulnerability and a use-after A flaw was found in the Linux kernel. This flaw allows an attacker to crash the Linux kernel by simulating amateur radio from the user space resulting in a null-ptr-deref vulnerability and a use-after-free vulnerability. FAQ: Is Azure Linux the only Microsoft product t

CVE-2022-0934 [HIGH] CWE-416 A single-byte non-arbitrary write/use-after-free flaw was found in dnsmasq. This flaw allows an attacker who sends a crafted packet processed by dnsmasq potentially causing a denial of service. A single-byte non-arbitrary write/use-after-free flaw was found in dnsmasq. This flaw allows an attacker who sends a crafted packet processed by dnsmasq potentially causing a denial of service. FAQ: Is Azure Linux the only Microsoft product that includes this open-source libr

CVE-2022-1271 [HIGH] CWE-20 An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example a crafted file name) this can overwrite an attacker's An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example a crafted file name) this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due t

CVE-2021-4158 [MEDIUM] CWE-476 A NULL pointer dereference issue was found in the ACPI code of QEMU. A malicious privileged user within the guest could use this flaw to crash the QEMU process on the host resulting in a denial of ser A NULL pointer dereference issue was found in the ACPI code of QEMU. A malicious privileged user within the guest could use this flaw to crash the QEMU process on the host resulting in a denial of service condition. FAQ: Is Azure Linux the only Microsoft product that

CVE-2022-2868 [MEDIUM] CWE-1284 libtiff's tiffcrop utility has a improper input validation flaw that can lead to out of bounds read and ultimately cause a crash if an attacker is able to supply a crafted file to tiffcrop. libtiff's tiffcrop utility has a improper input validation flaw that can lead to out of bounds read and ultimately cause a crash if an attacker is able to supply a crafted file to tiffcrop. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library a

CVE-2021-35937 [HIGH] CWE-367 A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to bypass the checks that were introduced in response to CVE-2017-7500 and CVE-2017-7501 potentially gain A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to bypass the checks that were introduced in response to CVE-2017-7500 and CVE-2017-7501 potentially gaining root privileges. The highest threat from this vulnerability is to

CVE-2022-2953 [MEDIUM] CWE-125 LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tools/tiffcrop.c:6905 allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sou LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tools/tiffcrop.c:6905 allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources the fix is available with commit 48d6ece8. FAQ: Is Azure Linux