Azure Linux 3.0 Security Update: shim / shim-unsigned-aarch64 / shim-unsigned-x64 (CVE-2023-40549)

The version of shim / shim-unsigned-aarch64 / shim-unsigned-x64 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-40549 advisory. - An out-of-bounds read flaw was found in Shim due to the lack of...

Azure Linux 3.0 Security Update: edk2 / hvloader (CVE-2023-45233)

The version of edk2 / hvloader installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-45233 advisory. - EDK2's Network Package is susceptible to an infinite lop vulnerability when parsing a PadN option i...

Azure Linux 3.0 Security Update: kernel (CVE-2024-43856)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-43856 advisory. - In the Linux kernel, the following vulnerability has been resolved: dma: fix call order in dmamfreecoherent...

Azure Linux 3.0 Security Update: kernel (CVE-2024-45028)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-45028 advisory. - In the Linux kernel, the following vulnerability has been resolved: mmc: mmctest: Fix NULL dereference on...

Azure Linux 3.0 Security Update: etcd / packer (CVE-2022-3064)

The version of etcd / packer installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-3064 advisory. - Parsing malicious or large YAML documents can consume excessive amounts of CPU or memory. CVE-2022-306...

Azure Linux 3.0 Security Update: kernel (CVE-2024-42075)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-42075 advisory. - In the Linux kernel, the following vulnerability has been resolved: bpf: Fix remap of arena. The bpf arena...

Azure Linux 3.0 Security Update: grpc / keras / mysql / protobuf / pytorch (CVE-2022-1941)

The version of grpc / keras / mysql / protobuf / pytorch installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-1941 advisory. - A parsing vulnerability for the MessageSet type in the ProtocolBuffers...

Azure Linux 3.0 Security Update: qemu (CVE-2021-3929)

The version of qemu installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-3929 advisory. - A DMA reentrancy issue was found in the NVM Express Controller NVME emulation in QEMU. This CVE is similar to...

Azure Linux 3.0 Security Update: kernel (CVE-2024-50002)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-50002 advisory. - In the Linux kernel, the following vulnerability has been resolved: staticcall: Handle module init failure...

Azure Linux 3.0 Security Update: kernel (CVE-2024-42271)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-42271 advisory. - In the Linux kernel, the following vulnerability has been resolved: net/iucv: fix use after free in...

Azure Linux 3.0 Security Update: cloud-hypervisor-cvm / hvloader / nodejs / nodejs18 / openssl (CVE-2023-6129)

The version of cloud-hypervisor-cvm / hvloader / nodejs / nodejs18 / openssl installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-6129 advisory. - Issue summary: The POLY1305 MAC message authentication...

Azure Linux 3.0 Security Update: cmake / curl / mysql / rust / tensorflow (CVE-2023-27533)

The version of cmake / curl / mysql / rust / tensorflow installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-27533 advisory. - A vulnerability in input validation exists in curl 8.0 during communicatio...

Azure Linux 3.0 Security Update: mysql (CVE-2024-21196)

The version of mysql installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-21196 advisory. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: X Plugin. Supported versions tha...

Azure Linux 3.0 Security Update: python-pygments (CVE-2021-20270)

The version of python-pygments installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-20270 advisory. - An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 May lead to denial of service when...

Photon OS 4.0: Linux PHSA-2025-4.0-0742

An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0742. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Azure Linux 3.0 Security Update: edk2 / hvloader (CVE-2024-1298)

The version of edk2 / hvloader installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-1298 advisory. - EDK2 contains a vulnerability when S3 sleep is activated where an Attacker May cause a...

Azure Linux 3.0 Security Update: python-pip / python-urllib3 / python3 (CVE-2024-37891)

The version of python-pip / python-urllib3 / python3 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-37891 advisory. - urllib3 is a user-friendly HTTP client library for Python. When using urllib3...

Azure Linux 3.0 Security Update: xorg-x11-server / xorg-x11-server-Xwayland (CVE-2024-9632)

The version of xorg-x11-server / xorg-x11-server-Xwayland installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-9632 advisory. - A flaw was found in the X.org server. Due to improperly tracked allocatio...

Azure Linux 3.0 Security Update: kernel (CVE-2024-41073)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-41073 advisory. - In the Linux kernel, the following vulnerability has been resolved: nvme: avoid double free special payload ...

Azure Linux 3.0 Security Update: cert-manager / helm (CVE-2024-25620)

The version of cert-manager / helm installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-25620 advisory. - Helm is a tool for managing Charts. Charts are packages of pre-configured Kubernetes resources...