The recently assigned CVE-2025-37921 patches a locking bug in the Linux kernel’s VXLAN vnifilter code that could leave the Forwarding Database (FDB) in an inconsistent state when a Virtual Network Identifier (VNI) is deleted. Microsoft’s public wording on the CVE names Azure Linux as a product...
Microsoft’s brief public attestation that Azure Linux “includes this open‑source library and is therefore potentially affected” is accurate for the product inventory the company has completed — but it is not an assurance that Azure Linux is the only Microsoft product that could contain the...
