Msrc Cm1 Kernel 5.10.131.1-1 On Cbl Mariner 1.0 vulnerabilities

CVE-2022-34918 [HIGH] CWE-843 An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges a differen An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges a different vulnerability than CVE-2022-32250. (The attacker can obtain root ac

CVE-2021-33656 [MEDIUM] CWE-787 When setting font with malicous data by ioctl cmd PIO_FONTkernel will write memory out of bounds. When setting font with malicous data by ioctl cmd PIO_FONTkernel will write memory out of bounds. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date w

CVE-2022-2318 [MEDIUM] CWE-416 There are use-after-free vulnerabilities caused by timer handler in net/rose/rose_timer.c of linux that allow attackers to crash linux kernel without any privileges. There are use-after-free vulnerabilities caused by timer handler in net/rose/rose_timer.c of linux that allow attackers to crash linux kernel without any privileges. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vuln

CVE-2022-32981 [HIGH] CWE-120 An issue was discovered in the Linux kernel through 5.18.3 on powerpc 32-bit platforms. There is a buffer overflow in ptrace PEEKUSER and POKEUSER (aka PEEKUSR and POKEUSR) when accessing floating poi An issue was discovered in the Linux kernel through 5.18.3 on powerpc 32-bit platforms. There is a buffer overflow in ptrace PEEKUSER and POKEUSER (aka PEEKUSR and POKEUSR) when accessing floating point registers. FAQ: Is Azure Linux the only Microsoft product that in

CVE-2022-1852 [MEDIUM] CWE-476 A NULL pointer dereference flaw was found in the Linux kernel’s KVM module which can lead to a denial of service in the x86_emulate_insn in arch/x86/kvm/emulate.c. This flaw occurs while executing an A NULL pointer dereference flaw was found in the Linux kernel’s KVM module which can lead to a denial of service in the x86_emulate_insn in arch/x86/kvm/emulate.c. This flaw occurs while executing an illegal instruction in guest in the Intel CPU. FAQ: Is Azure Linux

CVE-2022-34495 [MEDIUM] CWE-415 rpmsg_probe in drivers/rpmsg/virtio_rpmsg_bus.c in the Linux kernel before 5.18.4 has a double free. rpmsg_probe in drivers/rpmsg/virtio_rpmsg_bus.c in the Linux kernel before 5.18.4 has a double free. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to

CVE-2022-34494 [MEDIUM] CWE-415 rpmsg_virtio_add_ctrl_dev in drivers/rpmsg/virtio_rpmsg_bus.c in the Linux kernel before 5.18.4 has a double free. rpmsg_virtio_add_ctrl_dev in drivers/rpmsg/virtio_rpmsg_bus.c in the Linux kernel before 5.18.4 has a double free. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the

CVE-2022-2078 [MEDIUM] CWE-121 A vulnerability was found in the Linux kernel's nft_set_desc_concat_parse() function .This flaw allows an attacker to trigger a buffer overflow via nft_set_desc_concat_parse() causing a denial of ser A vulnerability was found in the Linux kernel's nft_set_desc_concat_parse() function .This flaw allows an attacker to trigger a buffer overflow via nft_set_desc_concat_parse() causing a denial of service and possibly to run code. FAQ: Is Azure Linux the only Microsof

CVE-2022-33981 [LOW] CWE-416 drivers/block/floppy.c in the Linux kernel before 5.17.6 is vulnerable to a denial of service because of a concurrency use-after-free flaw after deallocating raw_cmd in the raw_cmd_ioctl function. drivers/block/floppy.c in the Linux kernel before 5.17.6 is vulnerable to a denial of service because of a concurrency use-after-free flaw after deallocating raw_cmd in the raw_cmd_ioctl function. FAQ: Is Azure Linux the only Microsoft product that includes this open-sourc

CVE-2022-32296 [LOW] CWE-330 The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source ports are used. This occurs because of use of Algorithm 4 ("Double-Hash Port Selection Algorithm") of RFC The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source ports are used. This occurs because of use of Algorithm 4 ("Double-Hash Port Selection Algorithm") of RFC 6056. FAQ: Is Azure Linux the only Microsoft product that includes t

CVE-2022-1652 [HIGH] CWE-416 Linux Kernel could allow a local attacker to execute arbitrary code on the system caused by a concurrency use-after-free flaw in the bad_flp_intr function. By executing a specially-crafted program an Linux Kernel could allow a local attacker to execute arbitrary code on the system caused by a concurrency use-after-free flaw in the bad_flp_intr function. By executing a specially-crafted program an attacker could exploit this vulnerability to execute arbitrary code or

CVE-2022-1786 [HIGH] CWE-416 A use-after-free flaw was found in the Linux kernel’s io_uring subsystem in the way a user sets up a ring with IORING_SETUP_IOPOLL with more than one task completing submissions on this ring. This fla A use-after-free flaw was found in the Linux kernel’s io_uring subsystem in the way a user sets up a ring with IORING_SETUP_IOPOLL with more than one task completing submissions on this ring. This flaw allows a local user to crash or escalate their privileges on the sys

CVE-2022-0854 [MEDIUM] CWE-401 A memory leak flaw was found in the Linux kernel’s DMA subsystem in the way a user calls DMA_FROM_DEVICE. This flaw allows a local user to read random memory from the kernel space. A memory leak flaw was found in the Linux kernel’s DMA subsystem in the way a user calls DMA_FROM_DEVICE. This flaw allows a local user to read random memory from the kernel space. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore pot

CVE-2021-37159 [MEDIUM] CWE-415 hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state leading to a use-after-free and a double free. hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state leading to a use-after-free and a double free. FAQ: Is Azure Linux the only Microsoft product that includes this o

CVE-2021-32078 [HIGH] CWE-125 An Out-of-Bounds Read was discovered in arch/arm/mach-footbridge/personal-pci.c in the Linux kernel through 5.12.11 because of the lack of a check for a value that shouldn't be negative e.g. access to An Out-of-Bounds Read was discovered in arch/arm/mach-footbridge/personal-pci.c in the Linux kernel through 5.12.11 because of the lack of a check for a value that shouldn't be negative e.g. access to element -2 of an array aka CID-298a58e165e4. FAQ: Is Azure Linux th