Security
Headlines
HeadlinesLatestCVEs

Headline

Ubuntu Security Notice USN-6578-1

Ubuntu Security Notice 6578-1 - Vishal Mishra and Anita Gaud discovered that .NET did not properly validate X.509 certificates with malformed signatures. An attacker could possibly use this issue to bypass an application’s typical authentication logic. Morgan Brown discovered that .NET did not properly handle requests from unauthenticated clients. An attacker could possibly use this issue to cause a denial of service.

Packet Storm
#vulnerability#ubuntu#dos#perl#auth

==========================================================================
Ubuntu Security Notice USN-6578-1
January 11, 2024

dotnet6, dotnet7, dotnet8 vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 23.10
  • Ubuntu 23.04
  • Ubuntu 22.04 LTS

Summary:

Several security issues were fixed in dotnet6, dotnet7, and dotnet8.

Software Description:

  • dotnet6: dotNET CLI tools and runtime
  • dotnet7: dotNET CLI tools and runtime
  • dotnet8: dotNET CLI tools and runtime

Details:

Vishal Mishra and Anita Gaud discovered that .NET did not properly
validate X.509 certificates with malformed signatures. An attacker
could possibly use this issue to bypass an application’s typical
authentication logic. (CVE-2024-0057)

Morgan Brown discovered that .NET did not properly handle requests from
unauthenticated clients. An attacker could possibly use this issue to
cause a denial of service. (CVE-2024-21319)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 23.10:
aspnetcore-runtime-6.0 6.0.126-0ubuntu1~23.10.1
aspnetcore-runtime-7.0 7.0.115-0ubuntu1~23.10.1
aspnetcore-runtime-8.0 8.0.1-0ubuntu1~23.10.1
dotnet-host 6.0.126-0ubuntu1~23.10.1
dotnet-host-7.0 7.0.115-0ubuntu1~23.10.1
dotnet-host-8.0 8.0.1-0ubuntu1~23.10.1
dotnet-hostfxr-6.0 6.0.126-0ubuntu1~23.10.1
dotnet-hostfxr-7.0 7.0.115-0ubuntu1~23.10.1
dotnet-hostfxr-8.0 8.0.1-0ubuntu1~23.10.1
dotnet-runtime-6.0 6.0.126-0ubuntu1~23.10.1
dotnet-runtime-7.0 7.0.115-0ubuntu1~23.10.1
dotnet-runtime-8.0 8.0.1-0ubuntu1~23.10.1
dotnet-sdk-6.0 6.0.126-0ubuntu1~23.10.1
dotnet-sdk-7.0 7.0.115-0ubuntu1~23.10.1
dotnet-sdk-8.0 8.0.101-0ubuntu1~23.10.1
dotnet6 6.0.126-0ubuntu1~23.10.1
dotnet7 7.0.115-0ubuntu1~23.10.1
dotnet8 8.0.101-8.0.1-0ubuntu1~23.10.1

Ubuntu 23.04:
aspnetcore-runtime-6.0 6.0.126-0ubuntu1~23.04.1
aspnetcore-runtime-7.0 7.0.115-0ubuntu1~23.04.1
dotnet-host 6.0.126-0ubuntu1~23.04.1
dotnet-host-7.0 7.0.115-0ubuntu1~23.04.1
dotnet-hostfxr-6.0 6.0.126-0ubuntu1~23.04.1
dotnet-hostfxr-7.0 7.0.115-0ubuntu1~23.04.1
dotnet-runtime-6.0 6.0.126-0ubuntu1~23.04.1
dotnet-runtime-7.0 7.0.115-0ubuntu1~23.04.1
dotnet-sdk-6.0 6.0.126-0ubuntu1~23.04.1
dotnet-sdk-7.0 7.0.115-0ubuntu1~23.04.1
dotnet6 6.0.126-0ubuntu1~23.04.1
dotnet7 7.0.115-0ubuntu1~23.04.1

Ubuntu 22.04 LTS:
aspnetcore-runtime-6.0 6.0.126-0ubuntu1~22.04.1
aspnetcore-runtime-7.0 7.0.115-0ubuntu1~22.04.1
dotnet-host 6.0.126-0ubuntu1~22.04.1
dotnet-host-7.0 7.0.115-0ubuntu1~22.04.1
dotnet-hostfxr-6.0 6.0.126-0ubuntu1~22.04.1
dotnet-hostfxr-7.0 7.0.115-0ubuntu1~22.04.1
dotnet-runtime-6.0 6.0.126-0ubuntu1~22.04.1
dotnet-runtime-7.0 7.0.115-0ubuntu1~22.04.1
dotnet-sdk-6.0 6.0.126-0ubuntu1~22.04.1
dotnet-sdk-7.0 7.0.115-0ubuntu1~22.04.1
dotnet6 6.0.126-0ubuntu1~22.04.1
dotnet7 7.0.115-0ubuntu1~22.04.1

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-6578-1
CVE-2024-0057, CVE-2024-21319

Package Information:
https://launchpad.net/ubuntu/+source/dotnet6/6.0.126-0ubuntu1~23.10.1
https://launchpad.net/ubuntu/+source/dotnet7/7.0.115-0ubuntu1~23.10.1
https://launchpad.net/ubuntu/+source/dotnet8/8.0.101-8.0.1-0ubuntu1~23.10.1
https://launchpad.net/ubuntu/+source/dotnet6/6.0.126-0ubuntu1~23.04.1
https://launchpad.net/ubuntu/+source/dotnet7/7.0.115-0ubuntu1~23.04.1
https://launchpad.net/ubuntu/+source/dotnet6/6.0.126-0ubuntu1~22.04.1
https://launchpad.net/ubuntu/+source/dotnet7/7.0.115-0ubuntu1~22.04.1

Related news

GHSA-68w7-72jg-6qpp: NuGet Client Security Feature Bypass Vulnerability

### Description Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 6.0, .NET 7.0 and .NET 8.0. This advisory also provides guidance on what developers can do to update their applications to address this vulnerability. A security feature bypass vulnerability exists when Microsoft .NET Framework-based applications use X.509 chain building APIs but do not completely validate the X.509 certificate due to a logic flaw. An attacker could present an arbitrary untrusted certificate with malformed signatures, triggering a bug in the framework. The framework will correctly report that X.509 chain building failed, but it will return an incorrect reason code for the failure. Applications which utilize this reason code to make their own chain building trust decisions may inadvertently treat this scenario as a successful chain build. This could allow an adversary to subvert the app's typical authentication logic. ### Affected software #### NuGet & ...

Red Hat Security Advisory 2024-0255-03

Red Hat Security Advisory 2024-0255-03 - An update for.NET 6.0 is now available for Red Hat Enterprise Linux 7. Issues addressed include bypass, denial of service, and information leakage vulnerabilities.

GHSA-8g9c-28fc-mcx2: Microsoft Identity Denial of service vulnerability

### Impact _What kind of vulnerability is it? Who is impacted?_ An attacker could exploit this vulnerability by crafting a malicious JSON Web Encryption (JWE) token with a high compression ratio. This token, when processed by a server, leads to excessive memory allocation and processing time during decompression, causing a denial-of-service (DoS) condition. It's important to note that the attacker must have access to the public encrypt key registered with the IDP(Entra ID) for successful exploitation. _According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?_ A scope change (S:C) in the CVSS metric indicates that successful exploitation of this vulnerability could extend beyond the immediate processing of malicious tokens, affecting the overall availability of the system by causing a denial-of-service (DoS) condition. ### Patches _Has the problem been patched? What versions should users upgrade to?_ The v...

Packet Storm: Latest News

Siemens Energy Omnivise T3000 8.2 SP3 Privilege Escalation / File Download