You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve 2025 38201
About this tag
CVE-2025-38201 is a vulnerability in the Linux kernel's netfilter component that has been publicly attested by Microsoft as affecting Azure Linux (formerly CBL-Mariner). Microsoft's attestation confirms that Azure Linux includes the vulnerable open-source library, but notes this is a product-scoped inventory statement and does not guarantee other Microsoft products are unaffected. Microsoft has stated it will update its CSAF/VEX attestations if additional products are identified. Discussions on WindowsForum cover the scope of the vulnerability, Microsoft's disclosure practices, and implications for Azure Linux users. The tag aggregates threads and resources for those tracking this specific CVE and its impact on Microsoft's Linux distributions.
Microsoft’s brief public attestation that “Azure Linux includes this open‑source library and is therefore potentially affected” is accurate — but it is a product‑scoped inventory statement, not a guarantee that no other Microsoft product can or does include the vulnerable netfilter code. Azure...