Multiple vulnerabilities in Microsoft Azure Linux (June 29, 2026)
Multiple vulnerabilities have been discovered in Microsoft Azure Linux. They allow an attacker to cause an unspecified security issue by the vendor.
CSIRTS triage
- What
- Multiple vulnerabilities have been discovered in Microsoft Azure Linux.
- Who is affected
- Users of Microsoft Azure Linux, specifics not detailed in the advisory.
- Urgency
- Remediation is necessary as the nature of the vulnerabilities is unspecified but could pose risks.
- Action
- Update Microsoft Azure Linux to the latest version to ensure vulnerabilities are addressed.
AI-assisted analysis generated from the source advisory — verify against the original.
⚡ Watch Microsoft Azure Linux
Get an email when a new Microsoft Azure Linux advisory drops — max one per day, one-click unsubscribe.
Details
Original advisory: https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0812/
Exploitation outlook
EPSS (FIRST.org) estimates each CVE’s probability of exploitation in the next 30 days — here is the CSIRTS.com read on those numbers.
- Low exploitation riskCVE-2026-96970.48% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 38% of all scored CVEs.
- Low exploitation riskCVE-2026-532300.13% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 3% of all scored CVEs.
- Low exploitation riskCVE-2026-529340.25% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 16% of all scored CVEs.
- Low exploitation riskCVE-2026-532140.12% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 2% of all scored CVEs.
- Low exploitation riskCVE-2026-532740.13% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 3% of all scored CVEs.
- Low exploitation riskCVE-2026-529470.14% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 3% of all scored CVEs.
- Low exploitation riskCVE-2026-532180.13% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 3% of all scored CVEs.
- Low exploitation riskCVE-2026-531430.14% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 4% of all scored CVEs.
- Low exploitation riskCVE-2026-531610.14% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 3% of all scored CVEs.
- Low exploitation riskCVE-2026-529240.27% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 19% of all scored CVEs.
Referenced CVEs
+12 more CVEs referenced in this advisory.
Same CVEs, other sources
How other CERTs, PSIRTs and databases cover the vulnerabilities in this advisory.
- unknownMultiple vulnerabilities in SUSE Linux kernel (July 10, 2026)cert-fr-avis
- unknownMultiple vulnerabilities in Debian LTS Linux kernel (July 10, 2026)cert-fr-avis
- high[UPDATE] [high] Linux Kernel: Multiple vulnerabilitiescert-bund
- high[UPDATE] [high] Linux Kernel: Multiple vulnerabilitiescert-bund
- medium[NEW] [medium] Linux Kernel: Vulnerability allows gaining administrator rightscert-bund
- highCVE-2026-52943: net: skbuff: fix missing zerocopy reference in pskb_carve helpersmsrc
- highCVE-2026-53267: netfilter: nft_ct: bail out on template ct in get evalmsrc
- mediumCVE-2026-53237: gpio: mvebu: fix NULL pointer dereference in suspend/resumemsrc
- highCVE-2026-53148: thunderbolt: Clamp XDomain response data copy to allocation sizemsrc
- mediumCVE-2026-53177: bnxt_en: Fix NULL pointer dereferencemsrc
- mediumCVE-2026-53147: thunderbolt: Validate XDomain request packet size before type castmsrc
- criticalCVE-2026-52931: batman-adv: tp_meter: avoid use of uninit sender varsmsrc
Recent advisories for Microsoft Azure Linux
A cluster of recent advisories against the same product widens the attack surface — attackers routinely chain freshly published CVEs on one product, so review these together.
- unknownMultiple vulnerabilities in Microsoft Azure Linux (July 10, 2026)cert-fr-avis · 2026-07-10
- unknownMultiple vulnerabilities in Microsoft Azure Linux (July 09, 2026)cert-fr-avis · 2026-07-09
- unknownMultiple vulnerabilities in Microsoft Azure Linux (July 7, 2026)cert-fr-avis · 2026-07-07
- unknownMultiple vulnerabilities in Microsoft Azure Linux (June 25, 2026)cert-fr-avis · 2026-06-25
- unknownMultiple vulnerabilities in Microsoft Azure Linux (June 24, 2026)cert-fr-avis · 2026-06-24
More from CERT-FR Avis de sécurité
- unknownMultiple vulnerabilities in Red Hat Linux kernel (July 10, 2026)2026-07-10
- unknownMultiple vulnerabilities in Ubuntu Linux kernel (July 10, 2026)2026-07-10
- unknownMultiple vulnerabilities in Progress MOVEit Transfer (July 10, 2026)2026-07-10
- unknownVulnerability in NetApp ONTAP 9 (July 10, 2026)2026-07-10
- unknownVulnerability in CPython (July 10, 2026)2026-07-10