CVE-2025-38181 is a kernel-level null-pointer dereference in the CALIPSO option handling that was fixed upstream by defensive checks in calipso_req_setattr() and calipso_req_delattr(); Microsoft’s Security Response Center (MSRC) has publicly attested that Azure Linux includes the implicated...
