Azure Linux 3.0 Security Update: nodejs / nodejs18 (CVE-2025-23166)

The version of nodejs / nodejs18 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-23166 advisory. - The C++ method SignTraits::DeriveBits May incorrectly call ThrowException based on user-supplied...

Azure Linux 3.0 Security Update: pam (CVE-2025-6020)

The version of pam installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-6020 advisory. - A flaw was found in linux-pam. The module pamnamespace May use access user-controlled paths without proper...

Azure Linux 3.0 Security Update: cloud-init (CVE-2024-11584)

The version of cloud-init installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-11584 advisory. - cloud-init through 25.1.2 includes the systemd socket unit cloud-init-hotplugd.socket with default...

Azure Linux 3.0 Security Update: gdk-pixbuf2 (CVE-2025-6199)

The version of gdk-pixbuf2 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-6199 advisory. - A flaw was found in the GIF parser of GdkPixbuf's LZW decoder. When an invalid symbol is encountered...

Azure Linux 3.0 Security Update: busybox (CVE-2022-48174)

The version of busybox installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-48174 advisory. - There is a stack overflow vulnerability in ash.c:6030 in busybox before 1.35. In the environment of Interne...

Azure Linux 3.0 Security Update: cloud-init (CVE-2024-6174)

The version of cloud-init installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-6174 advisory. - When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP...

Azure Linux 3.0 Security Update: bind (CVE-2024-11187)

The version of bind installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-11187 advisory. - It is possible to construct a zone such that some queries to it will generate responses containing numerous...

Azure Linux 3.0 Security Update: ruby (CVE-2024-43398)

The version of ruby installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-43398 advisory. - REXML is an XML toolkit for Ruby. The REXML gem before 3.3.6 has a DoS vulnerability when it parses an XML tha...

Azure Linux 3.0 Security Update: libxml2 (CVE-2025-32415)

The version of libxml2 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-32415 advisory. - In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-...

Azure Linux 3.0 Security Update: net-tools (CVE-2025-46836)

The version of net-tools installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-46836 advisory. - net-tools is a collection of programs that form the base set of the NET-3 networking distribution for the...

Azure Linux 3.0 Security Update: kernel (CVE-2025-37785)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37785 advisory. - In the Linux kernel, the following vulnerability has been resolved: ext4: fix OOB read when checking dotdot...

Azure Linux 3.0 Security Update: curl / mysql (CVE-2025-0665)

The version of curl / mysql installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-0665 advisory. - libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channe...

Azure Linux 3.0 Security Update: kernel (CVE-2025-22097)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-22097 advisory. - In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix use after free and double...

Azure Linux 3.0 Security Update: qt5-qtbase / qtbase (CVE-2025-30348)

The version of qt5-qtbase / qtbase installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-30348 advisory. - encodeText in QDom in Qt before 6.8.0 has a complex algorithm involving XML string copy and...

Azure Linux 3.0 Security Update: opensc (CVE-2023-40661)

The version of opensc installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-40661 advisory. - Several memory vulnerabilities were identified within the OpenSC packages, particularly in the card enrollme...

Azure Linux 3.0 Security Update: kernel (CVE-2025-22056)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-22056 advisory. - In the Linux kernel, the following vulnerability has been resolved: netfilter: nfttunnel: fix geneveopt type...

Azure Linux 3.0 Security Update: erlang (CVE-2025-46712)

The version of erlang installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-46712 advisory. - Erlang/OTP is a set of libraries for the Erlang programming language. In versions prior to OTP-27.3.4 for...

Azure Linux 3.0 Security Update: binutils (CVE-2025-5245)

The version of binutils installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-5245 advisory. - A vulnerability classified as critical has been found in GNU Binutils up to 2.44. This affects the function...

Azure Linux 3.0 Security Update: kernel (CVE-2025-23136)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-23136 advisory. - In the Linux kernel, the following vulnerability has been resolved: thermal: int340x: Add NULL check for ade...

Azure Linux 3.0 Security Update: libvirt (CVE-2024-4418)

The version of libvirt installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-4418 advisory. - A race condition leading to a stack use-after-free flaw was found in libvirt. Due to a bad assumption in the...