Msrc Cbl Mariner 2.0 X64 vulnerabilities

CVE-2024-49852 [HIGH] CWE-416 scsi: elx: libefc: Fix potential use after free in efc_nport_vport_del() scsi: elx: libefc: Fix potential use after free in efc_nport_vport_del() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the

CVE-2024-49886 [MEDIUM] platform/x86: ISST: Fix the KASAN report slab-out-of-bounds bug platform/x86: ISST: Fix the KASAN report slab-out-of-bounds bug FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries wi

CVE-2024-47684 [MEDIUM] CWE-476 tcp: check skb is non-NULL in tcp_rto_delta_us() tcp: check skb is non-NULL in tcp_rto_delta_us() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is

CVE-2024-49955 [MEDIUM] CWE-672 ACPI: battery: Fix possible crash when unregistering a battery hook ACPI: battery: Fix possible crash when unregistering a battery hook FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open sou

CVE-2024-47764 [MEDIUM] CWE-74 cookie accepts cookie name path and domain with out of bounds characters cookie accepts cookie name path and domain with out of bounds characters FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the

CVE-2024-49946 [MEDIUM] ppp: do not assume bh is held in ppp_channel_bridge_input() ppp: do not assume bh is held in ppp_channel_bridge_input() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which

CVE-2024-47735 [MEDIUM] CWE-667 RDMA/hns: Fix spin_unlock_irqrestore() called with IRQs enabled RDMA/hns: Fix spin_unlock_irqrestore() called with IRQs enabled FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libr

CVE-2024-47706 [MEDIUM] CWE-416 block bfq: fix possible UAF for bfqq->bic with merge chain block bfq: fix possible UAF for bfqq->bic with merge chain FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with

CVE-2024-50003 [MEDIUM] CWE-476 drm/amd/display: Fix system hang while resume with TBT monitor drm/amd/display: Fix system hang while resume with TBT monitor FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source librar

CVE-2024-49868 [MEDIUM] CWE-476 btrfs: fix a NULL pointer dereference when failed to start a new trasacntion btrfs: fix a NULL pointer dereference when failed to start a new trasacntion FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versio

CVE-2023-52917 [MEDIUM] ntb: intel: Fix the NULL vs IS_ERR() bug for debugfs_create_dir() ntb: intel: Fix the NULL vs IS_ERR() bug for debugfs_create_dir() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source librarie

CVE-2024-47679 [MEDIUM] CWE-362 vfs: fix race between evice_inodes() and find_inode()&iput() vfs: fix race between evice_inodes() and find_inode()&iput() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries

CVE-2024-49957 [MEDIUM] CWE-476 ocfs2: fix null-ptr-deref when journal load failed. ocfs2: fix null-ptr-deref when journal load failed. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the dis

CVE-2024-8925 [LOW] Erroneous parsing of multipart form data Erroneous parsing of multipart form data FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is comm

CVE-2024-47749 [MEDIUM] CWE-476 RDMA/cxgb4: Added NULL check for lookup_atid RDMA/cxgb4: Added NULL check for lookup_atid FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is compose

CVE-2024-49977 [MEDIUM] CWE-369 net: stmmac: Fix zero-division error when disabling tc cbs net: stmmac: Fix zero-division error when disabling tc cbs FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with

CVE-2024-49973 [MEDIUM] r8169: add tally counter fields added with RTL8125 r8169: add tally counter fields added with RTL8125 FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is com

CVE-2024-47739 [MEDIUM] CWE-190 padata: use integer wrap around to prevent deadlock on seq_nr overflow padata: use integer wrap around to prevent deadlock on seq_nr overflow FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the op

CVE-2024-47699 [MEDIUM] CWE-476 nilfs2: fix potential null-ptr-deref in nilfs_btree_insert() nilfs2: fix potential null-ptr-deref in nilfs_btree_insert() FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries

CVE-2024-21197 [MEDIUM] Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 8.0.39 and prior 8.4.2 and prior and 9.0.1 and prior. Easi Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 8.0.39 and prior 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network acc