You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve 2025 37877
About this tag
CVE-2025-37877 is a security vulnerability affecting Azure Linux, as publicly attested by Microsoft via CSAF/VEX. The vulnerability involves a kernel risk related to an open-source component. While Azure Linux is the only Microsoft product confirmed to include the affected code, other products may theoretically contain the upstream component. Users should prioritize patching Azure Linux systems and monitor Microsoft's advisory for updates. The tag covers discussions on the vulnerability's scope, Microsoft's disclosure process, and remediation steps.
Note: short answer up front
No — Azure Linux is not technically the only Microsoft product that could include the vulnerable upstream code, but it is the only Microsoft product Microsoft has publicly attested (via CSAF/VEX) as including the affected open‑source component at the time of the...