Azure Linux 3.0 Security Update: edk2 / openssl (CVE-2021-4160)

The version of edk2 / openssl installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-4160 advisory. - There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are...

Azure Linux 3.0 Security Update: kernel (CVE-2024-46829)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-46829 advisory. - In the Linux kernel, the following vulnerability has been resolved: rtmutex: Drop rtmutex::waitlock before...

Azure Linux 3.0 Security Update: kernel (CVE-2024-38381)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-38381 advisory. - In the Linux kernel, the following vulnerability has been resolved: nfc: nci: Fix uninit-value in ncirxwork...

Azure Linux 3.0 Security Update: kernel (CVE-2024-41009)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-41009 advisory. - In the Linux kernel, the following vulnerability has been resolved: bpf: Fix overrunning reservations in...

Azure Linux 3.0 Security Update: kernel (CVE-2024-46800)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-46800 advisory. - In the Linux kernel, the following vulnerability has been resolved: sch/netem: fix use after free in...

Azure Linux 3.0 Security Update: hyperv-daemons (CVE-2024-26993)

The version of hyperv-daemons installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-26993 advisory. - In the Linux kernel, the following vulnerability has been resolved: fs: sysfs: Fix reference leak in...

Azure Linux 3.0 Security Update: hdf5 (CVE-2024-32616)

The version of hdf5 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-32616 advisory. - HDF5 Library through 1.14.3 contains a heap-based buffer over-read in H5Odtypeencodehelper in H5Odtype.c...

Azure Linux 3.0 Security Update: php (CVE-2024-8929)

The version of php installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-8929 advisory. - In PHP versions 8.1. before 8.1.31, 8.2. before 8.2.26, 8.3. before 8.3.14, a hostile MySQL server can cause the...

Azure Linux 3.0 Security Update: kernel (CVE-2024-39473)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-39473 advisory. - In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-topology: Fix input form...

Azure Linux 3.0 Security Update: gdk-pixbuf2 (CVE-2022-48622)

The version of gdk-pixbuf2 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-48622 advisory. - In GNOME GdkPixbuf aka gdk-pixbuf through 2.42.10, the ANI Windows animated cursor decoder encounters...

Azure Linux 3.0 Security Update: qemu (CVE-2021-4158)

The version of qemu installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-4158 advisory. - A NULL pointer dereference issue was found in the ACPI code of QEMU. A malicious, privileged user within the...

Azure Linux 3.0 Security Update: qemu / qemu-kvm (CVE-2021-4206)

The version of qemu / qemu-kvm installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-4206 advisory. - A flaw was found in the QXL display device emulation in QEMU. An integer overflow in the cursoralloc...

Azure Linux 3.0 Security Update: kernel (CVE-2024-42229)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-42229 advisory. - In the Linux kernel, the following vulnerability has been resolved: crypto: aead,cipher - zeroize key buffer...

Azure Linux 3.0 Security Update: xorg-x11-server (CVE-2023-1393)

The version of xorg-x11-server installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-1393 advisory. - A flaw was found in X.Org Server Overlay Window. A Use-After-Free May lead to local privilege...

Azure Linux 3.0 Security Update: kernel (CVE-2024-47723)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-47723 advisory. - In the Linux kernel, the following vulnerability has been resolved: jfs: fix out-of-bounds in dbNextAG and...

Azure Linux 3.0 Security Update: libtiff (CVE-2024-7006)

The version of libtiff installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-7006 advisory. - A null pointer dereference flaw was found in Libtiff via tifdirinfo.c. This issue May allow an attacker to...

Azure Linux 3.0 Security Update: krb5 (CVE-2024-26461)

The version of krb5 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-26461 advisory. - Kerberos 5 aka krb5 1.21.2 contains a memory leak vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c...

Azure Linux 3.0 Security Update: sox (CVE-2017-15371)

The version of sox installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2017-15371 advisory. - There is a reachable assertion abort in the function soxappendcomment in formats.c in Sound eXchange SoX 14.4.2...

Azure Linux 3.0 Security Update: hyperv-daemons / kernel (CVE-2021-45480)

The version of hyperv-daemons / kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-45480 advisory. - An issue was discovered in the Linux kernel before 5.15.11. There is a memory leak in the...

Azure Linux 3.0 Security Update: kernel (CVE-2024-49903)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-49903 advisory. - In the Linux kernel, the following vulnerability has been resolved: jfs: Fix uaf in dbFreeBits syzbot report...