Headline

RHSA-2022:0826: Red Hat Security Advisory: .NET 6.0 security and bugfix update

An update for .NET 6.0 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

CVE-2022-24464: dotnet: ASP.NET Denial of Service via FormPipeReader
CVE-2022-24512: dotnet: double parser stack buffer overrun

2 years ago

Red Hat Security Data

Open in Source

#vulnerability #web #linux #red_hat #dos #nodejs #js #java #kubernetes

Skip to navigation Skip to main content

Utilities

Subscriptions
Downloads
Containers
Support Cases

Red Hat Customer Portal

Infrastructure and Management

Red Hat Enterprise Linux
Red Hat Virtualization
Red Hat Identity Management
Red Hat Directory Server
Red Hat Certificate System
Red Hat Satellite
Red Hat Subscription Management
Red Hat Update Infrastructure
Red Hat Insights
Red Hat Ansible Automation Platform

Cloud Computing

Red Hat OpenShift
Red Hat CloudForms
Red Hat OpenStack Platform
Red Hat OpenShift Container Platform
Red Hat OpenShift Data Science
Red Hat OpenShift Online
Red Hat OpenShift Dedicated
Red Hat Advanced Cluster Security for Kubernetes
Red Hat Advanced Cluster Management for Kubernetes
Red Hat Quay
Red Hat CodeReady Workspaces
Red Hat OpenShift Service on AWS

Storage

Red Hat Gluster Storage
Red Hat Hyperconverged Infrastructure
Red Hat Ceph Storage
Red Hat OpenShift Data Foundation

Runtimes

Red Hat Runtimes
Red Hat JBoss Enterprise Application Platform
Red Hat Data Grid
Red Hat JBoss Web Server
Red Hat Single Sign On
Red Hat support for Spring Boot
Red Hat build of Node.js
Red Hat build of Thorntail
Red Hat build of Eclipse Vert.x
Red Hat build of OpenJDK
Red Hat build of Quarkus
Red Hat CodeReady Studio

Integration and Automation

Red Hat Process Automation
Red Hat Process Automation Manager
Red Hat Decision Manager

All Products

Issued:

2022-03-10

Updated:

2022-03-10

RHSA-2022:0826 - Security Advisory

Overview
Updated Packages

Synopsis

Important: .NET 6.0 security and bugfix update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for .NET 6.0 is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.

New versions of .NET that address security vulnerabilities are now available. The updated versions are .NET SDK 6.0.103 and .NET Runtime 6.0.3.

Security Fix(es):

dotnet: ASP.NET Denial of Service via FormPipeReader (CVE-2022-24464)
dotnet: double parser stack buffer overrun (CVE-2022-24512)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Products

Red Hat Enterprise Linux for x86_64 8 x86_64
Red Hat Enterprise Linux for IBM z Systems 8 s390x
Red Hat Enterprise Linux for ARM 64 8 aarch64

Fixes

BZ - 2061847 - CVE-2022-24464 dotnet: ASP.NET Denial of Service via FormPipeReader
BZ - 2061854 - CVE-2022-24512 dotnet: double parser stack buffer overrun

Red Hat Enterprise Linux for x86_64 8

SRPM

dotnet6.0-6.0.103-4.el8_5.src.rpm

SHA-256: 124d4eb7a03f2154dffaed349b5627e2d20b6e04a2e67612fe8fe5aa57bf7520

x86_64

aspnetcore-runtime-6.0-6.0.3-4.el8_5.x86_64.rpm

SHA-256: 2129946f9a799e4118cc326d1d5f85698c9ff8a0ec1fe1b55f2f2c3745c86f98

aspnetcore-targeting-pack-6.0-6.0.3-4.el8_5.x86_64.rpm

SHA-256: 7057bed8a098c26bfcd6fdce7b465390a6f109afcc388ab118caccbf98e4e8d5

dotnet-6.0.103-4.el8_5.x86_64.rpm

SHA-256: 1fea407b0d9a8557d4a66726759f40a694aa320009423c5f0a0231ecbe6d1036

dotnet-apphost-pack-6.0-6.0.3-4.el8_5.x86_64.rpm

SHA-256: 259d925a109d64a3e60309dad47bdc32adccaaf355faf13e398d2d6181d49b84

dotnet-apphost-pack-6.0-debuginfo-6.0.3-4.el8_5.x86_64.rpm

SHA-256: 67a2f16d8373211a7310052fcbec50a5f45b13efd6df814f3814774cf6a48afd

dotnet-host-6.0.3-4.el8_5.x86_64.rpm

SHA-256: 0117feeffad2daf266dd54906be87a068595e93cf952e2239872d7aa15913cd1

dotnet-host-debuginfo-6.0.3-4.el8_5.x86_64.rpm

SHA-256: dea7c60a9dc957ffc7124e6be9ac4d31c20558a508ada70546078d1688291d32

dotnet-hostfxr-6.0-6.0.3-4.el8_5.x86_64.rpm

SHA-256: ee9b765693592e7deacd7a98e9b8fb09a690e05e1a9f636f843c77cd8f2695fb

dotnet-hostfxr-6.0-debuginfo-6.0.3-4.el8_5.x86_64.rpm

SHA-256: 6a68bd14ee050a5a0877b665a382b42dd5d9fa2c9956e3a4decb6e943e42a5fe

dotnet-runtime-6.0-6.0.3-4.el8_5.x86_64.rpm

SHA-256: 838b16676af69b2155c779b0dfedbfbf459393632281a82193466474cb4d99a6

dotnet-runtime-6.0-debuginfo-6.0.3-4.el8_5.x86_64.rpm

SHA-256: 4040211c193843a0734df6d2c2129e22b80741e98216c4d234f45fbdd515d1d0

dotnet-sdk-6.0-6.0.103-4.el8_5.x86_64.rpm

SHA-256: bc3a57407a9ad1e27388143f79053e344dff84444ce48eb7257ad0c1c30d7522

dotnet-sdk-6.0-debuginfo-6.0.103-4.el8_5.x86_64.rpm

SHA-256: 7c2f126d8a3539b24c274d229d51ad6a9124761fbe0c8a67a17e473fb0194fa4

dotnet-targeting-pack-6.0-6.0.3-4.el8_5.x86_64.rpm

SHA-256: ae9de91273d5c72f7c9ab8fd0d17c48e8048fd93b675a512ad5c15dca3cbd1dd

dotnet-templates-6.0-6.0.103-4.el8_5.x86_64.rpm

SHA-256: 755486c235e4f37ca3df319611e6aa1374a9b9e33a9ca9198df6f27ecb8e2499

dotnet6.0-debuginfo-6.0.103-4.el8_5.x86_64.rpm

SHA-256: 6f20a28bdfef471a5078009a95570b4032539bf6d32f105aeb4192b4e1d055be

dotnet6.0-debugsource-6.0.103-4.el8_5.x86_64.rpm

SHA-256: 68568528780602d5a5e4c159fe2e89ba44c7246448638412d7d594d15ad5a87a

netstandard-targeting-pack-2.1-6.0.103-4.el8_5.x86_64.rpm

SHA-256: 1079e76ccd99bfd652b4c9a73efd08e16737d253b0a817e04d229e83e44c0603

Red Hat Enterprise Linux for IBM z Systems 8

SRPM

dotnet6.0-6.0.103-4.el8_5.src.rpm

SHA-256: 124d4eb7a03f2154dffaed349b5627e2d20b6e04a2e67612fe8fe5aa57bf7520

s390x

aspnetcore-runtime-6.0-6.0.3-4.el8_5.s390x.rpm

SHA-256: 77646e89cd97f5bb37a872800ab03a3af3aa6f39e268a7498d18192c060413ee

aspnetcore-targeting-pack-6.0-6.0.3-4.el8_5.s390x.rpm

SHA-256: a6cc60d87f9de1343c4977a949e9081fd2afe2b9c0b09cb6c84e34e2f2cea10b

dotnet-6.0.103-4.el8_5.s390x.rpm

SHA-256: 2279b5cc14b215e2eaeb9ce9b5ed77196100c68b5f4b3898d5007e38c8b67ee7

dotnet-apphost-pack-6.0-6.0.3-4.el8_5.s390x.rpm

SHA-256: de20f953532e25be98bc00e3665f57c66af462dbcff013d934add8d268ed5cf5

dotnet-apphost-pack-6.0-debuginfo-6.0.3-4.el8_5.s390x.rpm

SHA-256: 45addec3e9f29b5d6ae32e3c61068967e79e4b02c0d9ad03cd488bbe192d4e85

dotnet-host-6.0.3-4.el8_5.s390x.rpm

SHA-256: 2b8352024172d4a18b7d4000eebe03cf6c26192281a61b43cd3ab80514c6c9e6

dotnet-host-debuginfo-6.0.3-4.el8_5.s390x.rpm

SHA-256: b65011654a9bf10bc0002dca52bc48de9b832abf0763cdd38c01f8c494f6e0e8

dotnet-hostfxr-6.0-6.0.3-4.el8_5.s390x.rpm

SHA-256: 2ff8650ef3a1e9cdc3627b69c9d0a82ad3a6c55873455bb703b07bc19a082275

dotnet-hostfxr-6.0-debuginfo-6.0.3-4.el8_5.s390x.rpm

SHA-256: 56de77f411e2ccf3d94a4a6068fc9306db6523e3aebd48ff188a3eccf8525be6

dotnet-runtime-6.0-6.0.3-4.el8_5.s390x.rpm

SHA-256: e3d6d788ec4b08e35a4f12a6bb5fa53e79f83d827182225d869abfeb256d74f2

dotnet-runtime-6.0-debuginfo-6.0.3-4.el8_5.s390x.rpm

SHA-256: 0f75e3c57d6026f28f1905e6d1f5fd008126441330b7910f2396c1e43dd947d8

dotnet-sdk-6.0-6.0.103-4.el8_5.s390x.rpm

SHA-256: 6da34dd7536f973f2ac3b04e6fac1ba7a37b9359464fb0595fa1507300166d12

dotnet-sdk-6.0-debuginfo-6.0.103-4.el8_5.s390x.rpm

SHA-256: 290c6255edd6a5d465316a2db327400c5aad130dfd46aec8d295ae1f2b11884e

dotnet-targeting-pack-6.0-6.0.3-4.el8_5.s390x.rpm

SHA-256: 5f04092a77243d68c3a3efca31c47fbcd782f1054c70a8c632d63cb2e698b671

dotnet-templates-6.0-6.0.103-4.el8_5.s390x.rpm

SHA-256: cab685efbf8d445d87e1d7e2ba6cee8ade6d864b4bb8f3629ca3d9e5eee66a6c

dotnet6.0-debuginfo-6.0.103-4.el8_5.s390x.rpm

SHA-256: 5d5742f080748528ea0c460d8f44e69b00d5759c513a7edbf9180520d1bdb1d6

dotnet6.0-debugsource-6.0.103-4.el8_5.s390x.rpm

SHA-256: 36f63330db862f89d63cb1741490ceeaf11f769da55e94d0d25632d60540ee7d

netstandard-targeting-pack-2.1-6.0.103-4.el8_5.s390x.rpm

SHA-256: bb5e248176a83f0814d8a0770c9d614d3f84f1e230e6cb76c693e9fdb77409df

Red Hat Enterprise Linux for ARM 64 8

SRPM

dotnet6.0-6.0.103-4.el8_5.src.rpm

SHA-256: 124d4eb7a03f2154dffaed349b5627e2d20b6e04a2e67612fe8fe5aa57bf7520

aarch64

aspnetcore-runtime-6.0-6.0.3-4.el8_5.aarch64.rpm

SHA-256: b5ee4da15cd360fdca667fbce052277cfdd7c64125964c3073f48213bd532cc4

aspnetcore-targeting-pack-6.0-6.0.3-4.el8_5.aarch64.rpm

SHA-256: f3f26233549d9ed66e2d21d7d1666419b1ac517943c3c53ef0d3b50da814d087

dotnet-6.0.103-4.el8_5.aarch64.rpm

SHA-256: 5cd0957ff3b07592f6c98edb71b14ea8dfc700e684fd23c26dd488f0d56e92a9

dotnet-apphost-pack-6.0-6.0.3-4.el8_5.aarch64.rpm

SHA-256: c76f42c41a6ed8b0aeaa702c03d19d4b0e4272e55f4317bdf0ad843a8cb67434

dotnet-apphost-pack-6.0-debuginfo-6.0.3-4.el8_5.aarch64.rpm

SHA-256: 6389261caacaa625cdeb1861fe2b944876acb838608309f0a734a9d0c0306f75

dotnet-host-6.0.3-4.el8_5.aarch64.rpm

SHA-256: 28c8fca08f7afaf114d547e54943aedb7041317f622014c6daccc6cc086fce66

dotnet-host-debuginfo-6.0.3-4.el8_5.aarch64.rpm

SHA-256: 8d44b0fb0a4d2916d2336a20572043ddb7f0d8f167f655a201e905c0d7037be9

dotnet-hostfxr-6.0-6.0.3-4.el8_5.aarch64.rpm

SHA-256: 988c6b779ac0095fb2b4d69cbd54ba75418716451f00e4c52ca1bff705a514ff

dotnet-hostfxr-6.0-debuginfo-6.0.3-4.el8_5.aarch64.rpm

SHA-256: d136ec773651139021c6f387974fa9f6baf605967681e59f419caa0664fb97a7

dotnet-runtime-6.0-6.0.3-4.el8_5.aarch64.rpm

SHA-256: 1f510d115fb9253a144be50932468dc85f88be7d06f9e587c9bfddc89cad595a

dotnet-runtime-6.0-debuginfo-6.0.3-4.el8_5.aarch64.rpm

SHA-256: add289b0bb60fcf497ab99cabaeb42a705dd72b84def161f4afa47ac7d0b82a2

dotnet-sdk-6.0-6.0.103-4.el8_5.aarch64.rpm

SHA-256: 04fcc497d420770ddb5d8cef74930b81cd88334428b1c8e051cb2a2d20af8402

dotnet-sdk-6.0-debuginfo-6.0.103-4.el8_5.aarch64.rpm

SHA-256: 3b284375fd0925e3c4655e50ab5ae3e45acdd458f70bff13bbe0ffdc411cda78

dotnet-targeting-pack-6.0-6.0.3-4.el8_5.aarch64.rpm

SHA-256: d0ab4a76fc14b1d6235eb53a51e07447bd269be6be172fbde19254af7528effe

dotnet-templates-6.0-6.0.103-4.el8_5.aarch64.rpm

SHA-256: 769eaa81cacd7eb5114dd679bd01917f3cd8859fac440e82bfd1a322bb3695f5

dotnet6.0-debuginfo-6.0.103-4.el8_5.aarch64.rpm

SHA-256: bb9d66b94c64c318165996a68cdbfe1fa761a13f295c99cfdf250ae71cc53b34

dotnet6.0-debugsource-6.0.103-4.el8_5.aarch64.rpm

SHA-256: caeb722d34e9384557da046c6dc894d234feaec508b8c837f7e79eb402ff5d8b

netstandard-targeting-pack-2.1-6.0.103-4.el8_5.aarch64.rpm

SHA-256: 947c8ec00e69ca7e2777fa1c718145076dec080c95f58f10f0f4dcb7dd572bc6

The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat Security Data: Latest News

RHSA-2023:5627: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

1 year ago

Red Hat Security Data

RHSA-2023:5628: Red Hat Security Advisory: kernel security and bug fix update

1 year ago

Red Hat Security Data

RHSA-2023:5622: Red Hat Security Advisory: kernel security and bug fix update

1 year ago

Red Hat Security Data

RHSA-2023:5615: Red Hat Security Advisory: libssh2 security update

1 year ago

Red Hat Security Data

RHSA-2023:5616: Red Hat Security Advisory: python-reportlab security update

1 year ago

Red Hat Security Data