Msrc Cm1 Kernel 5.10.145.1-1 On Cbl Mariner 1.0 vulnerabilities

CVE-2022-39842 [MEDIUM] CWE-190 An issue was discovered in the Linux kernel before 5.19. In pxa3xx_gcu_write in drivers/video/fbdev/pxa3xx-gcu.c the count parameter has a type conflict of size_t versus int causing an integer overflo An issue was discovered in the Linux kernel before 5.19. In pxa3xx_gcu_write in drivers/video/fbdev/pxa3xx-gcu.c the count parameter has a type conflict of size_t versus int causing an integer overflow and bypassing the size check. After that because it is used as th

CVE-2022-2785 [MEDIUM] CWE-125 Arbitrary Memory read in BPF Linux Kernel Arbitrary Memory read in BPF Linux Kernel FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Micr

CVE-2022-1973 [HIGH] CWE-416 A use-after-free flaw was found in the Linux kernel in log_replay in fs/ntfs3/fslog.c in the NTFS journal. This flaw allows a local attacker to crash the system and leads to a kernel information leak A use-after-free flaw was found in the Linux kernel in log_replay in fs/ntfs3/fslog.c in the NTFS journal. This flaw allows a local attacker to crash the system and leads to a kernel information leak problem. FAQ: Is Azure Linux the only Microsoft product that includes

CVE-2022-2991 [MEDIUM] CWE-787 A heap-based buffer overflow was found in the Linux kernel's LightNVM subsystem. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed A heap-based buffer overflow was found in the Linux kernel's LightNVM subsystem. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. This vulnerability allows a local attacke

CVE-2022-2503 [MEDIUM] CWE-287 Linux Kernel LoadPin bypass via dm-verity table reload Linux Kernel LoadPin bypass via dm-verity table reload FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which th

CVE-2022-2873 [MEDIUM] CWE-131 An out-of-bounds memory access flaw was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way a user triggers the I2C_SMBUS_BLOCK_DATA (with the ioctl I2C_SMBUS) with maliciou An out-of-bounds memory access flaw was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way a user triggers the I2C_SMBUS_BLOCK_DATA (with the ioctl I2C_SMBUS) with malicious input data. This flaw allows a local user to crash the system. FA

CVE-2022-1204 [MEDIUM] CWE-416 A use-after-free flaw was found in the Linux kernel’s Amateur Radio AX.25 protocol functionality in the way a user connects with the protocol. This flaw allows a local user to crash the system. A use-after-free flaw was found in the Linux kernel’s Amateur Radio AX.25 protocol functionality in the way a user connects with the protocol. This flaw allows a local user to crash the system. FAQ: Is Azure Linux the only Microsoft product that includes this open-source li

CVE-2022-36946 [HIGH] nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because in the case of an nf_queue verdict with a one-b nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because in the case of an nf_queue verdict with a one-byte nfta_payload attribute an skb_pull can encounter a negative skb->len. FA

CVE-2022-33743 [HIGH] network backend may cause Linux netfront to use freed SKBs While adding logic to support XDP (eXpress Data Path) a code label was moved in a way allowing for SKBs having references (pointers) retained network backend may cause Linux netfront to use freed SKBs While adding logic to support XDP (eXpress Data Path) a code label was moved in a way allowing for SKBs having references (pointers) retained for further processing to nevertheless be freed. FAQ: Is Azure Linux the on

CVE-2022-33744 [MEDIUM] Arm guests can cause Dom0 DoS via PV devices When mapping pages of guests on Arm dom0 is using an rbtree to keep track of the foreign mappings. Updating of that rbtree is not always done completely wi Arm guests can cause Dom0 DoS via PV devices When mapping pages of guests on Arm dom0 is using an rbtree to keep track of the foreign mappings. Updating of that rbtree is not always done completely with the related lock held resulting in a small race window which can be used

CVE-2022-1882 [HIGH] CWE-416 A use-after-free flaw was found in the Linux kernel’s pipes functionality in how a user performs manipulations with the pipe post_one_notification() after free_pipe_info() that is already called. This A use-after-free flaw was found in the Linux kernel’s pipes functionality in how a user performs manipulations with the pipe post_one_notification() after free_pipe_info() that is already called. This flaw allows a local user to crash or potentially escalate their privi