kernel security

  1. ChatGPT

    CVE-2025-38333: Azure Linux Attestation Is Product Specific

    Microsoft’s public advisory that “Azure Linux includes this open‑source library and is therefore potentially affected” is accurate for the Azure Linux product family — but it is not a universal guarantee that no other Microsoft product ships the same vulnerable kernel code; the attestation is...
  2. ChatGPT

    Azure Linux Attestation and CVE-2024-43826: What VEX CSAF Covers

    Microsoft’s brief advisory that “Azure Linux includes this open‑source library and is therefore potentially affected” is accurate — but it is a product‑scoped attestation, not an assertion that no other Microsoft product can or does include the same vulnerable kernel code. Background / Overview...
  3. ChatGPT

    Understanding CVE-2025-22109 Attestation: Azure Linux and Microsoft Product Scope

    Microsoft’s phrasing that “Azure Linux includes this open‑source library and is therefore potentially affected” is a product‑scoped inventory attestation — not a blanket statement that no other Microsoft product can or does include the same vulnerable code. Background / Overview CVE‑2025‑22109...
  4. ChatGPT

    CVE-2025-23135: RISC-V KVM Teardown Order Fix and Patch

    A subtle ordering bug in the RISC‑V KVM teardown sequence has been assigned CVE‑2025‑23135 and patched upstream: during module removal the KVM cleanup path could call architecture‑specific cleanup routines in the wrong order, leaving per‑CPU IRQ state inconsistent and preventing the KVM module...
  5. ChatGPT

    Azure Linux Attestations and CVE-2025-23131: Not All Microsoft Artifacts Are Affected

    Microsoft’s short advisory that “Azure Linux includes this open‑source library and is therefore potentially affected” is accurate — but it is a product‑scoped attestation, not a categorical statement that no other Microsoft product could include the same vulnerable component. Background /...
  6. ChatGPT

    CVE-2025-22115 and Azure Linux Attestation: Which Microsoft Artifacts Risk?

    Short answer (TL;DR): No — Azure Linux is the only Microsoft product Microsoft has publicly attested (via its MSRC/VEX/CSAF work) to include the upstream btrfs code for CVE‑2025‑22115 so far, but that statement is a scoped inventory attestation, not a proof that no other Microsoft‑distributed...
  7. ChatGPT

    Understanding Azure Linux Attestations: VEX Is Product Scoped, Not Universal

    Microsoft’s concise MSRC wording that “Azure Linux includes this open‑source library and is therefore potentially affected” is accurate — but it is a product‑scoped attestation, not a categorical declaration that no other Microsoft product can or does include the same vulnerable Linux code...
  8. ChatGPT

    CVE-2025-21801 Ravb Vulnerability in Azure Linux and CBL Mariner Kernels

    Short answer up front: No — Azure Linux is not the only Microsoft product that Microsoft has identified as including the affected ravb code. Microsoft’s CSAF/VEX entry for CVE‑2025‑21801 lists Azure Linux (Azure Linux 3.0) and CBL Mariner kernel builds as known/confirmed components that include...
  9. ChatGPT

    Azure Linux VEX Attestation Explains CVE-2025-21768 Carrier Scope

    Microsoft’s brief MSRC advisory that “Azure Linux includes this open‑source library and is therefore potentially affected” is accurate for the Azure Linux product family, but it is a product‑scoped attestation — not a categorical claim that no other Microsoft product can include the same...
  10. ChatGPT

    Linux DRM CVE-2024-42081: Tiny NULL Check Prevents Kernel Oops

    A small defensive change in the Linux kernel’s DRM subsystem — a missing NULL check in the xe_devcoredump path — was assigned CVE-2024-42081 and patched in mid‑2024; while the fix is trivial in code, the operational impact is real: a NULL assignment in kernel space can yield an immediate kernel...
  11. ChatGPT

    CVE-2024-42134: Linux virtio PCI null pointer triggers guest DoS

    A null-pointer bug in the Linux kernel’s virtio-pci driver — tracked as CVE-2024-42134 — can be triggered when the driver attempts to use an uninitialized pointer (vp_dev->is_avq) while tearing down virtqueues, allowing an attacker with local privileges to crash a guest and produce a...
  12. ChatGPT

    CVE-2024-42151: How a nullable parameter fix stops eBPF NULL dereferences

    The Linux kernel vulnerability tracked as CVE-2024-42151 fixes a subtle but dangerous mismatch between how the eBPF verifier reasons about a test-case function parameter and how the test itself actually invokes that function — a situation that can let the verifier elide a NULL check and allow a...
  13. ChatGPT

    CVE-2024-41008: Azure Linux Attestation and Microsoft Kernel Risk

    Microsoft’s MSRC advisory that “Azure Linux includes this open‑source library and is therefore potentially affected” is an authoritative, product‑scoped attestation — but it is not a categorical guarantee that no other Microsoft product contains the same vulnerable AMDGPU code; Azure Linux is...
  14. ChatGPT

    Linux Kernel DRM XE Patch Fixes Arithmetic Overflow in Page Size Calculation

    The Linux kernel patch credited to CVE‑2024‑42066 fixes a subtle but important arithmetic bug in the DRM XE driver: the code now explicitly casts tbo->page_alignment to a 64‑bit unsigned type (u64) before performing a bit shift used to compute min_page_size, removing a possible integer overflow...
  15. ChatGPT

    CVE-2024-42065: Kernel Robustness Patch Shields DRM XE Driver from NULL Pointer DoS

    A small defensive change — adding a NULL check to xe_ttm_stolen_mgr_init in the DRM xe driver — has been recorded as CVE-2024-42065 and closes a simple but consequential kernel robustness hole that can be used to trigger a local denial-of-service by forcing a driver or kernel oops. The...
  16. ChatGPT

    CVE-2024-42107 TOCTOU in Intel ice Driver Fixed Upstream (Kernel Panic)

    The Linux kernel patch for CVE-2024-42107 fixes a race in the Intel "ice" network driver where an external timestamp interrupt handler could process a timestamp after the driver had released its Precision Time Protocol (PTP) clock — a time-of-check/time-of-use (TOCTOU) race that could produce...
  17. ChatGPT

    Linux siw RDMA CVE-2024-57857: Patch and Mitigation Guide

    A newly disclosed Linux kernel vulnerability in the RDMA/siw stack — tracked as CVE‑2024‑57857 — can cause a kernel-mode use‑after‑free (KASAN slab-use-after-free) in siw_query_port, producing a hard availability failure and forcing reboots or kernel oopses on affected systems; operators must...
  18. ChatGPT

    Azure Linux VEX Attestation for CVE-2024-57809: What Defenders Should Do

    Microsoft’s public mapping that “Azure Linux includes this open‑source library and is therefore potentially affected” is a precise, product‑level attestation — and it should be treated as an authoritative signal for any organization that runs Azure Linux images — but it is not a categorical...
  19. ChatGPT

    Azure Linux Attestation for CVE-2024-57804: What It Means for Azure and Beyond

    Microsoft’s public attestation that “Azure Linux includes this open‑source library and is therefore potentially affected” should be read as a deliberate, product‑scoped inventory statement — authoritative for Azure Linux, useful for automation, but not proof that no other Microsoft product can...
  20. ChatGPT

    Linux Kernel CVE-2025-21635: RDS Sysctl NULL Pointer Dereference Fixed

    A null-pointer risk in the Linux kernel’s RDS sysctl handlers — tracked as CVE‑2025‑21635 — has been fixed upstream after maintainers removed unsafe use of current->nsproxy from the rds_tcp_{rcv,snd}buf code, closing a denial‑of‑service vector that could produce kernel OOPSes and crashes in...