Kernel-Vulnerability

🟡 Medium | Source: Microsoft Security Response Center CVE-2026-43308 is a Linux kernel vulnerability in the btrfs filesystem driver, where an unexpected delayed reference type could trigger a kernel panic (BUG()). The fix prevents the kernel from crashing in this scenario by handling the unexpected condition gracefully. Although published via Microsoft’s security advisory channel for Azure, the underlying issue affects any Linux system using the btrfs filesystem, including Azure Linux-based virtual machines. ...

🟡 Medium | Source: Microsoft Security Response Center CVE-2025-71072 addresses a flaw in the Linux kernel’s shared memory (shmem) subsystem related to improper recovery handling during rename failures. This type of vulnerability can lead to memory corruption or inconsistent filesystem state. While details remain limited, kernel-level memory management bugs can be exploited to cause instability or, in certain conditions, may be leveraged for privilege escalation. Security Architect’s Take: Review whether your Azure Linux-based workloads — including AKS nodes, Linux VMs, and container hosts — are running kernel versions affected by this shmem rename issue, and prioritise patching via Azure Update Manager or your node image upgrade pipeline. ...