Msrc Cm1 Kernel 5.10.88.1-2 On Cbl Mariner 1.0 vulnerabilities

CVE-2021-45485 [HIGH] CWE-327 In the IPv6 implementation in the Linux kernel before 5.13.3 net/ipv6/output_core.c has an information leak because of certain use of a hash table which although big doesn't properly consider that IPv In the IPv6 implementation in the Linux kernel before 5.13.3 net/ipv6/output_core.c has an information leak because of certain use of a hash table which although big doesn't properly consider that IPv6-based attackers can typically choose among many IPv6 source address

CVE-2021-45480 [MEDIUM] CWE-401 An issue was discovered in the Linux kernel before 5.15.11. There is a memory leak in the __rds_conn_create() function in net/rds/connection.c in a certain combination of circumstances. An issue was discovered in the Linux kernel before 5.15.11. There is a memory leak in the __rds_conn_create() function in net/rds/connection.c in a certain combination of circumstances. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is th

CVE-2021-45486 [LOW] CWE-327 In the IPv4 implementation in the Linux kernel before 5.12.4 net/ipv4/route.c has an information leak because the hash table is very small. In the IPv4 implementation in the Linux kernel before 5.12.4 net/ipv4/route.c has an information leak because the hash table is very small. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers w

CVE-2021-43975 [MEDIUM] CWE-787 In the Linux kernel through 5.15.2 hw_atl_utils_fw_rpc_wait in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c allows an attacker (who can introduce a crafted device) to trigger an out-of In the Linux kernel through 5.15.2 hw_atl_utils_fw_rpc_wait in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c allows an attacker (who can introduce a crafted device) to trigger an out-of-bounds write via a crafted length value. FAQ: Is Azure Linux the

CVE-2021-43976 [MEDIUM] In the Linux kernel through 5.15.2 mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_panic In the Linux kernel through 5.15.2 mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_panic). FAQ: Is Azure Linux the only Microsoft product that includes this open-