Msrc Cm1 Kernel 5.4.91-11 On Cbl Mariner 1.0 vulnerabilities

CVE-2020-24394 [HIGH] CWE-732 In the Linux kernel before 5.7.8 fs/nfsd/vfs.c (in the NFS server) can set incorrect permissions on new filesystem objects when the filesystem lacks ACL support aka CID-22cf8419f131. This occurs becau In the Linux kernel before 5.7.8 fs/nfsd/vfs.c (in the NFS server) can set incorrect permissions on new filesystem objects when the filesystem lacks ACL support aka CID-22cf8419f131. This occurs because the current umask is not considered. FAQ: Is Azure Linux the only

CVE-2020-13974 [HIGH] CWE-190 An issue was discovered in the Linux kernel 4.4 through 5.7.1. drivers/tty/vt/keyboard.c has an integer overflow if k_ascii is called several times in a row aka CID-b86dab054059. NOTE: Members in the An issue was discovered in the Linux kernel 4.4 through 5.7.1. drivers/tty/vt/keyboard.c has an integer overflow if k_ascii is called several times in a row aka CID-b86dab054059. NOTE: Members in the community argue that the integer overflow does not lead to a security

CVE-2020-10757 [HIGH] CWE-119 A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap handled DAX Huge Pages. This flaw allows a local attacker with access to a DAX enabled storage to escalate their privil A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap handled DAX Huge Pages. This flaw allows a local attacker with access to a DAX enabled storage to escalate their privileges on the system. FAQ: Is Azure Linux the only Microsoft product t

CVE-2020-15393 [MEDIUM] CWE-401 In the Linux kernel 4.4 through 5.7.6 usbtest_disconnect in drivers/usb/misc/usbtest.c has a memory leak aka CID-28ebeb8db770. In the Linux kernel 4.4 through 5.7.6 usbtest_disconnect in drivers/usb/misc/usbtest.c has a memory leak aka CID-28ebeb8db770. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Az

CVE-2020-12657 [HIGH] CWE-416 An issue was discovered in the Linux kernel before 5.6.5. There is a use-after-free in block/bfq-iosched.c related to bfq_idle_slice_timer_body. An issue was discovered in the Linux kernel before 5.6.5. There is a use-after-free in block/bfq-iosched.c related to bfq_idle_slice_timer_body. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our

CVE-2020-12653 [HIGH] CWE-787 An issue was found in Linux kernel before 5.5.4. The mwifiex_cmd_append_vsie_tlv() function in drivers/net/wireless/marvell/mwifiex/scan.c allows local users to gain privileges or cause a denial of se An issue was found in Linux kernel before 5.5.4. The mwifiex_cmd_append_vsie_tlv() function in drivers/net/wireless/marvell/mwifiex/scan.c allows local users to gain privileges or cause a denial of service because of an incorrect memcpy and buffer overflow aka CID-b702

CVE-2020-12654 [HIGH] CWE-787 An issue was found in Linux kernel before 5.5.4. mwifiex_ret_wmm_get_status() in drivers/net/wireless/marvell/mwifiex/wmm.c allows a remote AP to trigger a heap-based buffer overflow because of an inc An issue was found in Linux kernel before 5.5.4. mwifiex_ret_wmm_get_status() in drivers/net/wireless/marvell/mwifiex/wmm.c allows a remote AP to trigger a heap-based buffer overflow because of an incorrect memcpy aka CID-3a9b153c5591. FAQ: Is Azure Linux the only Mic

CVE-2020-12771 [MEDIUM] CWE-667 An issue was discovered in the Linux kernel through 5.6.11. btree_gc_coalesce in drivers/md/bcache/btree.c has a deadlock if a coalescing operation fails. An issue was discovered in the Linux kernel through 5.6.11. btree_gc_coalesce in drivers/md/bcache/btree.c has a deadlock if a coalescing operation fails. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the

CVE-2020-12770 [MEDIUM] An issue was discovered in the Linux kernel through 5.6.11. sg_write lacks an sg_remove_request call in a certain failure case aka CID-83c6f2390040. An issue was discovered in the Linux kernel through 5.6.11. sg_write lacks an sg_remove_request call in a certain failure case aka CID-83c6f2390040. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to ou

CVE-2020-13143 [MEDIUM] CWE-125 gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value which allows attacker gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value which allows attackers to trigger an out-of-bounds read aka CID-15753588bcd4. FAQ: Is A

CVE-2020-12655 [MEDIUM] CWE-835 An issue was discovered in xfs_agf_verify in fs/xfs/libxfs/xfs_alloc.c in the Linux kernel through 5.6.10. Attackers may trigger a sync of excessive duration via an XFS v5 image with crafted metadata An issue was discovered in xfs_agf_verify in fs/xfs/libxfs/xfs_alloc.c in the Linux kernel through 5.6.10. Attackers may trigger a sync of excessive duration via an XFS v5 image with crafted metadata aka CID-d0c7feaf8767. FAQ: Is Azure Linux the only Microsoft produ

CVE-2020-11884 [HIGH] CWE-362 In the Linux kernel 4.19 through 5.6.7 on the s390 platform code execution may occur because of a race condition as demonstrated by code in enable_sacf_uaccess in arch/s390/lib/uaccess.c that fails to In the Linux kernel 4.19 through 5.6.7 on the s390 platform code execution may occur because of a race condition as demonstrated by code in enable_sacf_uaccess in arch/s390/lib/uaccess.c that fails to protect against a concurrent page table upgrade aka CID-3f777e19d171

CVE-2020-11668 [HIGH] CWE-476 In the Linux kernel before 5.6.1 drivers/media/usb/gspca/xirlink_cit.c (aka the Xirlink camera USB driver) mishandles invalid descriptors aka CID-a246b4d54770. In the Linux kernel before 5.6.1 drivers/media/usb/gspca/xirlink_cit.c (aka the Xirlink camera USB driver) mishandles invalid descriptors aka CID-a246b4d54770. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? On

CVE-2020-11725 [HIGH] snd_ctl_elem_add in sound/core/control.c in the Linux kernel through 5.6.3 has a count=info->owner line which later affects a private_size*count multiplication for unspecified "interesting side effect snd_ctl_elem_add in sound/core/control.c in the Linux kernel through 5.6.3 has a count=info->owner line which later affects a private_size*count multiplication for unspecified "interesting side effects." NOTE: kernel engineers dispute this finding because it could be relevant

CVE-2020-11494 [MEDIUM] CWE-908 An issue was discovered in slc_bump in drivers/net/can/slcan.c in the Linux kernel 3.16 through 5.6.2. It allows attackers to read uninitialized can_frame data potentially containing sensitive informa An issue was discovered in slc_bump in drivers/net/can/slcan.c in the Linux kernel 3.16 through 5.6.2. It allows attackers to read uninitialized can_frame data potentially containing sensitive information from kernel stack memory if the configuration lacks CONFIG_INI

CVE-2020-11565 [MEDIUM] CWE-787 An issue was discovered in the Linux kernel through 5.6.2. mpol_parse_str in mm/mempolicy.c has a stack-based out-of-bounds write because an empty nodelist is mishandled during mount option parsing ak An issue was discovered in the Linux kernel through 5.6.2. mpol_parse_str in mm/mempolicy.c has a stack-based out-of-bounds write because an empty nodelist is mishandled during mount option parsing aka CID-aa9f7d5172fa. NOTE: Someone in the security community disagre

CVE-2020-9383 [HIGH] CWE-125 An issue was discovered in the Linux kernel 3.16 through 5.5.6. set_fdc in drivers/block/floppy.c leads to a wait_til_ready out-of-bounds read because the FDC index is not checked for errors before as An issue was discovered in the Linux kernel 3.16 through 5.5.6. set_fdc in drivers/block/floppy.c leads to a wait_til_ready out-of-bounds read because the FDC index is not checked for errors before assigning it aka CID-2e90ca68b0d2. FAQ: Is Azure Linux the only Microso

CVE-2020-8648 [HIGH] CWE-416 There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c. There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who

CVE-2020-8649 [MEDIUM] CWE-416 There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vgacon_invert_region function in drivers/video/console/vgacon.c. There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vgacon_invert_region function in drivers/video/console/vgacon.c. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to o

CVE-2020-8647 [MEDIUM] CWE-416 There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vc_do_resize function in drivers/tty/vt/vt.c. There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vc_do_resize function in drivers/tty/vt/vt.c. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azu