You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve 2025 38212
About this tag
CVE-2025-38212 is a use-after-free vulnerability in the Linux kernel's IPC subsystem. The Linux kernel team has released a fix, and Microsoft's public CVE entry identifies Azure Linux as a product that includes the affected open-source library and is therefore potentially impacted. This makes Azure Linux a confirmed, high-priority target for patching. However, the entry does not technically prove that no other Microsoft product or artifact contains the same vulnerable kernel code. Users should also verify other Microsoft-supplied kernels and images, such as WSL2 kernels and Azure VM or marketplace kernels, to ensure comprehensive coverage against this vulnerability.
The Linux kernel team fixed a use‑after‑free in the IPC subsystem — tracked as CVE‑2025‑38212 — and Microsoft’s public CVE entry names Azure Linux as a product that “includes this open‑source library and is therefore potentially affected.” That statement is an authoritative, product‑level...