You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
ravb vulnerability
About this tag
The ravb vulnerability, tracked as CVE-2025-21801, is a Linux-kernel flaw affecting the Renesas Ethernet AVB driver. Microsoft has confirmed that Azure Linux and CBL Mariner kernel builds include the vulnerable code path. The vulnerability was fixed upstream, and Microsoft's CSAF/VEX entry lists these products as impacted, with updates promised if additional products are found. Discussions on WindowsForum.com cover the scope of affected Microsoft products and the technical details of the fix.
Short answer up front
No — Azure Linux is not the only Microsoft product that Microsoft has identified as including the affected ravb code. Microsoft’s CSAF/VEX entry for CVE‑2025‑21801 lists Azure Linux (Azure Linux 3.0) and CBL Mariner kernel builds as known/confirmed components that include...