cve 2025 38444

CVE-2025-38444 is a Linux kernel vulnerability that affects Azure Linux, as confirmed by Microsoft's product-scoped attestation. The attestation states that Azure Linux includes the vulnerable open-source library and is potentially affected, but it does not guarantee that other Microsoft products are unaffected. Whether other products are impacted depends on per-artifact kernel versions and build configurations, requiring artifact-level verification or an explicit Microsoft attestation. This tag covers discussions about the scope and implications of CVE-2025-38444, particularly regarding Microsoft's Azure Linux and the need for detailed risk assessment across different artifacts.