You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve 2025 37770
About this tag
CVE-2025-37770 is a medium-severity Linux kernel vulnerability in the AMD DRM power-management code (drm/amd/pm path), caused by missing input validation. Microsoft's Azure Linux includes the affected open-source library and is therefore potentially impacted, but the company's product-scoped attestation does not rule out other Microsoft products containing the same vulnerable kernel code. Discussions on WindowsForum.com examine the scope of Microsoft's disclosure, the technical details of the vulnerability, and the implications for enterprise users running Azure Linux or other Microsoft offerings that may incorporate the affected Linux kernel components.
Microsoft’s brief public note — that “Azure Linux includes this open‑source library and is therefore potentially affected” — is accurate for the product it names, but it is a product‑scoped attestation, not proof that no other Microsoft product could contain the same vulnerable kernel code...