Microsoft’s brief CVE entry and product note is correct — Azure Linux (formerly CBL‑Mariner) has been identified as including the open‑source kernel component referenced by CVE‑2025‑38636 and is therefore “potentially affected” — but that product‑level attestation is not a proof that no other...
