You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve 2024 42289
About this tag
CVE-2024-42289 is a vulnerability in the qla2xxx SCSI kernel driver that affects Azure Linux, as confirmed by Microsoft's MSRC. The issue is scoped to Azure Linux as a high-priority carrier, but other Microsoft-distributed kernels or images that include the same vulnerable upstream commit may also be affected. Discussions on WindowsForum focus on understanding the scope of this vulnerability, emphasizing that Microsoft's attestation does not guarantee exclusivity to Azure Linux. Users should verify other Microsoft products for potential exposure to CVE-2024-42289.
Microsoft’s brief MSRC note that “Azure Linux includes this open‑source library and is therefore potentially affected” is accurate — but it is a product‑scoped inventory attestation, not a technical guarantee that no other Microsoft product can include the same vulnerable Linux kernel driver...