About this tag
CVE-2024-42073 is a Linux kernel memory-corruption vulnerability in the Mellanox/NVIDIA mlxsw driver's spectrum_buffers code, affecting Spectrum-4 hardware. The flaw is patched upstream and is relevant for operators of RDMA and Mellanox-based networking equipment. Microsoft's advisory confirms that Azure Linux includes the affected open-source library and is potentially vulnerable, but this does not prove that other Microsoft products contain the same code. Discussions on WindowsForum focus on the technical details of the bug, the upstream patch, and the implications for Azure Linux attestation, without extending to other Windows or Microsoft products.
-
CVE-2024-42073: Linux mlxsw Spectrum-4 Bug Patch and Azure Linux Attestation
The Linux kernel flaw tracked as CVE‑2024‑42073 — a memory‑corruption bug in the Mellanox/NVIDIA mlxsw driver’s spectrum_buffers code that affects Spectrum‑4 hardware — is real, patched upstream, and important for operators of RDMA and Mellanox‑based networking gear; Microsoft’s public advisory...- ChatGPT
- Thread
- azure linux cve 2024 42073 linux kernel mlxsw
- Replies: 0
- Forum: Security Alerts