Security
Headlines
HeadlinesLatestCVEs

Headline

RHSA-2023:3582: Red Hat Security Advisory: .NET 6.0 security, bug fix, and enhancement update

An update for .NET 6.0 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2023-24936: No description is available for this CVE.
  • CVE-2023-29331: No description is available for this CVE.
  • CVE-2023-29337: No description is available for this CVE.
  • CVE-2023-33128: .NET and Visual Studio Remote Code Execution Vulnerability
Red Hat Security Data
#vulnerability#linux#red_hat#dos#rce#ibm#sap

Synopsis

Important: .NET 6.0 security, bug fix, and enhancement update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for .NET 6.0 is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.

New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.118 and .NET Runtime 6.0.18.

The following packages have been upgraded to a later upstream version: dotnet6.0 (6.0.118). (BZ#2212378)

Security Fix(es):

  • dotnet: .NET Kestrel: Denial of Service processing X509 Certificates (CVE-2023-29331)
  • dotnet: vulnerability exists in NuGet where a potential race condition can lead to a symlink attack (CVE-2023-29337)
  • dotnet: Remote Code Execution - Source generators issue can lead to a crash due to unmanaged heap corruption (CVE-2023-33128)
  • dotnet: Bypass restrictions when deserializing a DataSet or DataTable from XML (CVE-2023-24936)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Products

  • Red Hat Enterprise Linux for x86_64 8 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.8 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 8 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.8 s390x
  • Red Hat Enterprise Linux Server - TUS 8.8 x86_64
  • Red Hat Enterprise Linux for ARM 64 8 aarch64
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8 x86_64
  • Red Hat CodeReady Linux Builder for x86_64 8 x86_64
  • Red Hat CodeReady Linux Builder for ARM 64 8 aarch64
  • Red Hat CodeReady Linux Builder for IBM z Systems 8 s390x
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.8 aarch64
  • Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.8 x86_64
  • Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.8 s390x
  • Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.8 aarch64

Fixes

  • BZ - 2192438 - CVE-2023-24936 dotnet: Bypass restrictions when deserializing a DataSet or DataTable from XML
  • BZ - 2212617 - CVE-2023-29331 dotnet: .NET Kestrel: Denial of Service processing X509 Certificates
  • BZ - 2212618 - CVE-2023-33128 dotnet: Remote Code Execution - Source generators issue can lead to a crash due to unmanaged heap corruption
  • BZ - 2213703 - CVE-2023-29337 dotnet: vulnerability exists in NuGet where a potential race condition can lead to a symlink attack

CVEs

  • CVE-2023-24936
  • CVE-2023-29331
  • CVE-2023-29337
  • CVE-2023-33128

Red Hat Enterprise Linux for x86_64 8

SRPM

dotnet6.0-6.0.118-1.el8_8.src.rpm

SHA-256: 1347d72890f35b869ecd2d32430cfa42429ba78c8edc8ff677f2a0b0cdcbab84

x86_64

aspnetcore-runtime-6.0-6.0.18-1.el8_8.x86_64.rpm

SHA-256: 7ff49643223e7d6b5322efeefda257e25cf804ea10439c9933ac5abc284f9117

aspnetcore-targeting-pack-6.0-6.0.18-1.el8_8.x86_64.rpm

SHA-256: e512f73c0555ea7f2f9544090296601e001ee054a19588a6dd7b8de056fdd609

dotnet-apphost-pack-6.0-6.0.18-1.el8_8.x86_64.rpm

SHA-256: 83cc886a96cdaa6d53fef0622044be15b40b24335a7855478e8acc6e1150730c

dotnet-apphost-pack-6.0-debuginfo-6.0.18-1.el8_8.x86_64.rpm

SHA-256: 6fa1e6214ab531dbb2298ce15c4de0926d43f2574fef9002d7f365ec96c1ea5b

dotnet-hostfxr-6.0-6.0.18-1.el8_8.x86_64.rpm

SHA-256: 6874f9175e2e44822c4e81d83d3e774a32e6b587567a29b944db1210e214f855

dotnet-hostfxr-6.0-debuginfo-6.0.18-1.el8_8.x86_64.rpm

SHA-256: a63df6be37813edbc9bf85f949f30c5a8143813f9abf08a4ec3b03c39d0b93fd

dotnet-runtime-6.0-6.0.18-1.el8_8.x86_64.rpm

SHA-256: 5be6dcc5dbd619b5ec07d8e569be4209b562a179088dab2212aafbb334cf84df

dotnet-runtime-6.0-debuginfo-6.0.18-1.el8_8.x86_64.rpm

SHA-256: faf181f0b5fe5239eb6672f512424e1293d60d03cce945bfebada9a7ae40ec63

dotnet-sdk-6.0-6.0.118-1.el8_8.x86_64.rpm

SHA-256: a2c6284f35f48e5b79daf2d6c03d6b5f6e5c3a0eaa55d9c49424af034641c32f

dotnet-sdk-6.0-debuginfo-6.0.118-1.el8_8.x86_64.rpm

SHA-256: a8601d58e598702b3538c50a95b55e6f23ae078b7c64717640575f91686bbecc

dotnet-targeting-pack-6.0-6.0.18-1.el8_8.x86_64.rpm

SHA-256: a3b59f3d82234568e1ed62a8aca94aa32cf2c4c63a655391b5ca5adfe6aa22c9

dotnet-templates-6.0-6.0.118-1.el8_8.x86_64.rpm

SHA-256: 5350373e433d2225ceb57748817705071b8bcac5255c27365de41ba0502140c3

dotnet6.0-debuginfo-6.0.118-1.el8_8.x86_64.rpm

SHA-256: 9a07aa5a5e6cf3dbc9d402fd406cfd2ee1d8c295ae3db122f1d39f395a615efc

dotnet6.0-debugsource-6.0.118-1.el8_8.x86_64.rpm

SHA-256: 64b01ce416c77388286c9f33821f4639fd8ef5d7aeeac1a0da67b1d474119e8b

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.8

SRPM

dotnet6.0-6.0.118-1.el8_8.src.rpm

SHA-256: 1347d72890f35b869ecd2d32430cfa42429ba78c8edc8ff677f2a0b0cdcbab84

x86_64

aspnetcore-runtime-6.0-6.0.18-1.el8_8.x86_64.rpm

SHA-256: 7ff49643223e7d6b5322efeefda257e25cf804ea10439c9933ac5abc284f9117

aspnetcore-targeting-pack-6.0-6.0.18-1.el8_8.x86_64.rpm

SHA-256: e512f73c0555ea7f2f9544090296601e001ee054a19588a6dd7b8de056fdd609

dotnet-apphost-pack-6.0-6.0.18-1.el8_8.x86_64.rpm

SHA-256: 83cc886a96cdaa6d53fef0622044be15b40b24335a7855478e8acc6e1150730c

dotnet-apphost-pack-6.0-debuginfo-6.0.18-1.el8_8.x86_64.rpm

SHA-256: 6fa1e6214ab531dbb2298ce15c4de0926d43f2574fef9002d7f365ec96c1ea5b

dotnet-hostfxr-6.0-6.0.18-1.el8_8.x86_64.rpm

SHA-256: 6874f9175e2e44822c4e81d83d3e774a32e6b587567a29b944db1210e214f855

dotnet-hostfxr-6.0-debuginfo-6.0.18-1.el8_8.x86_64.rpm

SHA-256: a63df6be37813edbc9bf85f949f30c5a8143813f9abf08a4ec3b03c39d0b93fd

dotnet-runtime-6.0-6.0.18-1.el8_8.x86_64.rpm

SHA-256: 5be6dcc5dbd619b5ec07d8e569be4209b562a179088dab2212aafbb334cf84df

dotnet-runtime-6.0-debuginfo-6.0.18-1.el8_8.x86_64.rpm

SHA-256: faf181f0b5fe5239eb6672f512424e1293d60d03cce945bfebada9a7ae40ec63

dotnet-sdk-6.0-6.0.118-1.el8_8.x86_64.rpm

SHA-256: a2c6284f35f48e5b79daf2d6c03d6b5f6e5c3a0eaa55d9c49424af034641c32f

dotnet-sdk-6.0-debuginfo-6.0.118-1.el8_8.x86_64.rpm

SHA-256: a8601d58e598702b3538c50a95b55e6f23ae078b7c64717640575f91686bbecc

dotnet-targeting-pack-6.0-6.0.18-1.el8_8.x86_64.rpm

SHA-256: a3b59f3d82234568e1ed62a8aca94aa32cf2c4c63a655391b5ca5adfe6aa22c9

dotnet-templates-6.0-6.0.118-1.el8_8.x86_64.rpm

SHA-256: 5350373e433d2225ceb57748817705071b8bcac5255c27365de41ba0502140c3

dotnet6.0-debuginfo-6.0.118-1.el8_8.x86_64.rpm

SHA-256: 9a07aa5a5e6cf3dbc9d402fd406cfd2ee1d8c295ae3db122f1d39f395a615efc

dotnet6.0-debugsource-6.0.118-1.el8_8.x86_64.rpm

SHA-256: 64b01ce416c77388286c9f33821f4639fd8ef5d7aeeac1a0da67b1d474119e8b

Red Hat Enterprise Linux for IBM z Systems 8

SRPM

dotnet6.0-6.0.118-1.el8_8.src.rpm

SHA-256: 1347d72890f35b869ecd2d32430cfa42429ba78c8edc8ff677f2a0b0cdcbab84

s390x

aspnetcore-runtime-6.0-6.0.18-1.el8_8.s390x.rpm

SHA-256: 7828710b86070b6019c7b1723b1a22ada4d964a6f5540700c8e3a3ebffdfba0a

aspnetcore-targeting-pack-6.0-6.0.18-1.el8_8.s390x.rpm

SHA-256: c24a68e46b0cac58cc7dc49d030c1d628aaacd52dec9cdd2ceaf9cb6d88bc1fb

dotnet-apphost-pack-6.0-6.0.18-1.el8_8.s390x.rpm

SHA-256: 5322e523c7f012a4895a9cbdda735ce00f50ae917a58f4180f356989447db90a

dotnet-apphost-pack-6.0-debuginfo-6.0.18-1.el8_8.s390x.rpm

SHA-256: a8c299d355247eaaeb4e763970a29dc6ef59054ef0439133720c37dc63bb0f76

dotnet-hostfxr-6.0-6.0.18-1.el8_8.s390x.rpm

SHA-256: f3a00e3161adbe83fb9252494832f04e6db0ed147bd19918b6fc4be996d1360a

dotnet-hostfxr-6.0-debuginfo-6.0.18-1.el8_8.s390x.rpm

SHA-256: 20ae055147f7a53e3977fbca8065911da5ad15d9fbdb7ab891e5bd7853c018e6

dotnet-runtime-6.0-6.0.18-1.el8_8.s390x.rpm

SHA-256: 62c38382ec176bdb8c409809e0da4103a09b9ea141d3b13cc405c11a7ce08bd7

dotnet-runtime-6.0-debuginfo-6.0.18-1.el8_8.s390x.rpm

SHA-256: e488bf903b19bda0e08d1fb893ca350f7879327e31f2b90c9b5e401d8a4f3d20

dotnet-sdk-6.0-6.0.118-1.el8_8.s390x.rpm

SHA-256: 0861b00f77844a69e1ae92693ca0d1432d23db13d7f3bf1ae857aecbcb54444f

dotnet-sdk-6.0-debuginfo-6.0.118-1.el8_8.s390x.rpm

SHA-256: 5404e3ba96fad3a9e412f3fbf8eb0ed67562ba5720d0d57734e350622aa04013

dotnet-targeting-pack-6.0-6.0.18-1.el8_8.s390x.rpm

SHA-256: e618b456d7a262be3ae87a18d0dd95978398687a20d5221c17d45d7c0589ba37

dotnet-templates-6.0-6.0.118-1.el8_8.s390x.rpm

SHA-256: d34cb8abb51a1ef0e71d9e6465e5256f664a5c82b715767b1f8729a6cf113735

dotnet6.0-debuginfo-6.0.118-1.el8_8.s390x.rpm

SHA-256: 9c0e23d0c9a69bc82cc9aafc99c815e749857ca30aa7201fb29c44d07158aa12

dotnet6.0-debugsource-6.0.118-1.el8_8.s390x.rpm

SHA-256: a27670aad8d4e50365defa3828bc9f7b17202abdc43d7445b9e522c35c84c5a3

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.8

SRPM

dotnet6.0-6.0.118-1.el8_8.src.rpm

SHA-256: 1347d72890f35b869ecd2d32430cfa42429ba78c8edc8ff677f2a0b0cdcbab84

s390x

aspnetcore-runtime-6.0-6.0.18-1.el8_8.s390x.rpm

SHA-256: 7828710b86070b6019c7b1723b1a22ada4d964a6f5540700c8e3a3ebffdfba0a

aspnetcore-targeting-pack-6.0-6.0.18-1.el8_8.s390x.rpm

SHA-256: c24a68e46b0cac58cc7dc49d030c1d628aaacd52dec9cdd2ceaf9cb6d88bc1fb

dotnet-apphost-pack-6.0-6.0.18-1.el8_8.s390x.rpm

SHA-256: 5322e523c7f012a4895a9cbdda735ce00f50ae917a58f4180f356989447db90a

dotnet-apphost-pack-6.0-debuginfo-6.0.18-1.el8_8.s390x.rpm

SHA-256: a8c299d355247eaaeb4e763970a29dc6ef59054ef0439133720c37dc63bb0f76

dotnet-hostfxr-6.0-6.0.18-1.el8_8.s390x.rpm

SHA-256: f3a00e3161adbe83fb9252494832f04e6db0ed147bd19918b6fc4be996d1360a

dotnet-hostfxr-6.0-debuginfo-6.0.18-1.el8_8.s390x.rpm

SHA-256: 20ae055147f7a53e3977fbca8065911da5ad15d9fbdb7ab891e5bd7853c018e6

dotnet-runtime-6.0-6.0.18-1.el8_8.s390x.rpm

SHA-256: 62c38382ec176bdb8c409809e0da4103a09b9ea141d3b13cc405c11a7ce08bd7

dotnet-runtime-6.0-debuginfo-6.0.18-1.el8_8.s390x.rpm

SHA-256: e488bf903b19bda0e08d1fb893ca350f7879327e31f2b90c9b5e401d8a4f3d20

dotnet-sdk-6.0-6.0.118-1.el8_8.s390x.rpm

SHA-256: 0861b00f77844a69e1ae92693ca0d1432d23db13d7f3bf1ae857aecbcb54444f

dotnet-sdk-6.0-debuginfo-6.0.118-1.el8_8.s390x.rpm

SHA-256: 5404e3ba96fad3a9e412f3fbf8eb0ed67562ba5720d0d57734e350622aa04013

dotnet-targeting-pack-6.0-6.0.18-1.el8_8.s390x.rpm

SHA-256: e618b456d7a262be3ae87a18d0dd95978398687a20d5221c17d45d7c0589ba37

dotnet-templates-6.0-6.0.118-1.el8_8.s390x.rpm

SHA-256: d34cb8abb51a1ef0e71d9e6465e5256f664a5c82b715767b1f8729a6cf113735

dotnet6.0-debuginfo-6.0.118-1.el8_8.s390x.rpm

SHA-256: 9c0e23d0c9a69bc82cc9aafc99c815e749857ca30aa7201fb29c44d07158aa12

dotnet6.0-debugsource-6.0.118-1.el8_8.s390x.rpm

SHA-256: a27670aad8d4e50365defa3828bc9f7b17202abdc43d7445b9e522c35c84c5a3

Red Hat Enterprise Linux Server - TUS 8.8

SRPM

dotnet6.0-6.0.118-1.el8_8.src.rpm

SHA-256: 1347d72890f35b869ecd2d32430cfa42429ba78c8edc8ff677f2a0b0cdcbab84

x86_64

aspnetcore-runtime-6.0-6.0.18-1.el8_8.x86_64.rpm

SHA-256: 7ff49643223e7d6b5322efeefda257e25cf804ea10439c9933ac5abc284f9117

aspnetcore-targeting-pack-6.0-6.0.18-1.el8_8.x86_64.rpm

SHA-256: e512f73c0555ea7f2f9544090296601e001ee054a19588a6dd7b8de056fdd609

dotnet-apphost-pack-6.0-6.0.18-1.el8_8.x86_64.rpm

SHA-256: 83cc886a96cdaa6d53fef0622044be15b40b24335a7855478e8acc6e1150730c

dotnet-apphost-pack-6.0-debuginfo-6.0.18-1.el8_8.x86_64.rpm

SHA-256: 6fa1e6214ab531dbb2298ce15c4de0926d43f2574fef9002d7f365ec96c1ea5b

dotnet-hostfxr-6.0-6.0.18-1.el8_8.x86_64.rpm

SHA-256: 6874f9175e2e44822c4e81d83d3e774a32e6b587567a29b944db1210e214f855

dotnet-hostfxr-6.0-debuginfo-6.0.18-1.el8_8.x86_64.rpm

SHA-256: a63df6be37813edbc9bf85f949f30c5a8143813f9abf08a4ec3b03c39d0b93fd

dotnet-runtime-6.0-6.0.18-1.el8_8.x86_64.rpm

SHA-256: 5be6dcc5dbd619b5ec07d8e569be4209b562a179088dab2212aafbb334cf84df

dotnet-runtime-6.0-debuginfo-6.0.18-1.el8_8.x86_64.rpm

SHA-256: faf181f0b5fe5239eb6672f512424e1293d60d03cce945bfebada9a7ae40ec63

dotnet-sdk-6.0-6.0.118-1.el8_8.x86_64.rpm

SHA-256: a2c6284f35f48e5b79daf2d6c03d6b5f6e5c3a0eaa55d9c49424af034641c32f

dotnet-sdk-6.0-debuginfo-6.0.118-1.el8_8.x86_64.rpm

SHA-256: a8601d58e598702b3538c50a95b55e6f23ae078b7c64717640575f91686bbecc

dotnet-targeting-pack-6.0-6.0.18-1.el8_8.x86_64.rpm

SHA-256: a3b59f3d82234568e1ed62a8aca94aa32cf2c4c63a655391b5ca5adfe6aa22c9

dotnet-templates-6.0-6.0.118-1.el8_8.x86_64.rpm

SHA-256: 5350373e433d2225ceb57748817705071b8bcac5255c27365de41ba0502140c3

dotnet6.0-debuginfo-6.0.118-1.el8_8.x86_64.rpm

SHA-256: 9a07aa5a5e6cf3dbc9d402fd406cfd2ee1d8c295ae3db122f1d39f395a615efc

dotnet6.0-debugsource-6.0.118-1.el8_8.x86_64.rpm

SHA-256: 64b01ce416c77388286c9f33821f4639fd8ef5d7aeeac1a0da67b1d474119e8b

Red Hat Enterprise Linux for ARM 64 8

SRPM

dotnet6.0-6.0.118-1.el8_8.src.rpm

SHA-256: 1347d72890f35b869ecd2d32430cfa42429ba78c8edc8ff677f2a0b0cdcbab84

aarch64

aspnetcore-runtime-6.0-6.0.18-1.el8_8.aarch64.rpm

SHA-256: e6cb7b9683a017600800be2e20a335594f7119fd78f86fd7da1cbfcc922dc924

aspnetcore-targeting-pack-6.0-6.0.18-1.el8_8.aarch64.rpm

SHA-256: 9e9e4b8d1fd5619fba2fb4368cf795d4b290d0e710bc78aa63bd69ae936e41c2

dotnet-apphost-pack-6.0-6.0.18-1.el8_8.aarch64.rpm

SHA-256: 101cd9a21f1855d58aceb0c927839988ccce63e92d0004674b42b47dcdefe0ea

dotnet-apphost-pack-6.0-debuginfo-6.0.18-1.el8_8.aarch64.rpm

SHA-256: b05dae3f215ef2e76885db2107171812620c165e248635ce0f88af6c550b89f9

dotnet-hostfxr-6.0-6.0.18-1.el8_8.aarch64.rpm

SHA-256: 2dea52c80ba737a194f2b6c72244ecf0435ad476ceb729418028ef836f0aaabd

dotnet-hostfxr-6.0-debuginfo-6.0.18-1.el8_8.aarch64.rpm

SHA-256: 5ee1f33433d69c7803c36a99b8d599703fb0966a61ee7805e7e3074b1ccbb7df

dotnet-runtime-6.0-6.0.18-1.el8_8.aarch64.rpm

SHA-256: ad802c0819759f51f06b69912fcc435db7eb08cc1c964e06ddb80e6abb8ba91e

dotnet-runtime-6.0-debuginfo-6.0.18-1.el8_8.aarch64.rpm

SHA-256: bba1357b399c75a061a63acfc5d6dd2b47c0b83be0aaea87389951ce350f539f

dotnet-sdk-6.0-6.0.118-1.el8_8.aarch64.rpm

SHA-256: dd09f60382ef4c3e38e5a42afb1bac106a2391a77fa690cb5025786985170e54

dotnet-sdk-6.0-debuginfo-6.0.118-1.el8_8.aarch64.rpm

SHA-256: 68c5550387a71bf61deec3215c8ddd8326568cb698de6faf05e91bcd02d26e4a

dotnet-targeting-pack-6.0-6.0.18-1.el8_8.aarch64.rpm

SHA-256: a2fed0be56b83aa0cb366106609a76375a6315c5dc1e7054c8227e1ef447b6c6

dotnet-templates-6.0-6.0.118-1.el8_8.aarch64.rpm

SHA-256: 75189a1e1e21dfeccd6a72b33032cab50db1abc4444afbcca17b079df9f2b2c2

dotnet6.0-debuginfo-6.0.118-1.el8_8.aarch64.rpm

SHA-256: 1c321266a67227dd427bc460d0b8ccb9c8c097e7327137d9852aa7335d76dfe7

dotnet6.0-debugsource-6.0.118-1.el8_8.aarch64.rpm

SHA-256: 05b85abd180f33fb1d58282bbefbf6562292686168374ee6d0de51a8b2c201b1

Red Hat CodeReady Linux Builder for x86_64 8

SRPM

x86_64

dotnet-apphost-pack-6.0-debuginfo-6.0.18-1.el8_8.x86_64.rpm

SHA-256: 6fa1e6214ab531dbb2298ce15c4de0926d43f2574fef9002d7f365ec96c1ea5b

dotnet-hostfxr-6.0-debuginfo-6.0.18-1.el8_8.x86_64.rpm

SHA-256: a63df6be37813edbc9bf85f949f30c5a8143813f9abf08a4ec3b03c39d0b93fd

dotnet-runtime-6.0-debuginfo-6.0.18-1.el8_8.x86_64.rpm

SHA-256: faf181f0b5fe5239eb6672f512424e1293d60d03cce945bfebada9a7ae40ec63

dotnet-sdk-6.0-debuginfo-6.0.118-1.el8_8.x86_64.rpm

SHA-256: a8601d58e598702b3538c50a95b55e6f23ae078b7c64717640575f91686bbecc

dotnet-sdk-6.0-source-built-artifacts-6.0.118-1.el8_8.x86_64.rpm

SHA-256: 244ff76fa3d2fbe69e6ea81c7f1d13d83752cc951bbd4b90d2fbba54774e8966

dotnet6.0-debuginfo-6.0.118-1.el8_8.x86_64.rpm

SHA-256: 9a07aa5a5e6cf3dbc9d402fd406cfd2ee1d8c295ae3db122f1d39f395a615efc

dotnet6.0-debugsource-6.0.118-1.el8_8.x86_64.rpm

SHA-256: 64b01ce416c77388286c9f33821f4639fd8ef5d7aeeac1a0da67b1d474119e8b

Red Hat CodeReady Linux Builder for IBM z Systems 8

SRPM

s390x

dotnet-apphost-pack-6.0-debuginfo-6.0.18-1.el8_8.s390x.rpm

SHA-256: a8c299d355247eaaeb4e763970a29dc6ef59054ef0439133720c37dc63bb0f76

dotnet-hostfxr-6.0-debuginfo-6.0.18-1.el8_8.s390x.rpm

SHA-256: 20ae055147f7a53e3977fbca8065911da5ad15d9fbdb7ab891e5bd7853c018e6

dotnet-runtime-6.0-debuginfo-6.0.18-1.el8_8.s390x.rpm

SHA-256: e488bf903b19bda0e08d1fb893ca350f7879327e31f2b90c9b5e401d8a4f3d20

dotnet-sdk-6.0-debuginfo-6.0.118-1.el8_8.s390x.rpm

SHA-256: 5404e3ba96fad3a9e412f3fbf8eb0ed67562ba5720d0d57734e350622aa04013

dotnet-sdk-6.0-source-built-artifacts-6.0.118-1.el8_8.s390x.rpm

SHA-256: bba82b0a034364cd0e3b452539af96d39c31c5335a9257a9eceb06c330f3650e

dotnet6.0-debuginfo-6.0.118-1.el8_8.s390x.rpm

SHA-256: 9c0e23d0c9a69bc82cc9aafc99c815e749857ca30aa7201fb29c44d07158aa12

dotnet6.0-debugsource-6.0.118-1.el8_8.s390x.rpm

SHA-256: a27670aad8d4e50365defa3828bc9f7b17202abdc43d7445b9e522c35c84c5a3

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.8

SRPM

dotnet6.0-6.0.118-1.el8_8.src.rpm

SHA-256: 1347d72890f35b869ecd2d32430cfa42429ba78c8edc8ff677f2a0b0cdcbab84

aarch64

aspnetcore-runtime-6.0-6.0.18-1.el8_8.aarch64.rpm

SHA-256: e6cb7b9683a017600800be2e20a335594f7119fd78f86fd7da1cbfcc922dc924

aspnetcore-targeting-pack-6.0-6.0.18-1.el8_8.aarch64.rpm

SHA-256: 9e9e4b8d1fd5619fba2fb4368cf795d4b290d0e710bc78aa63bd69ae936e41c2

dotnet-apphost-pack-6.0-6.0.18-1.el8_8.aarch64.rpm

SHA-256: 101cd9a21f1855d58aceb0c927839988ccce63e92d0004674b42b47dcdefe0ea

dotnet-apphost-pack-6.0-debuginfo-6.0.18-1.el8_8.aarch64.rpm

SHA-256: b05dae3f215ef2e76885db2107171812620c165e248635ce0f88af6c550b89f9

dotnet-hostfxr-6.0-6.0.18-1.el8_8.aarch64.rpm

SHA-256: 2dea52c80ba737a194f2b6c72244ecf0435ad476ceb729418028ef836f0aaabd

dotnet-hostfxr-6.0-debuginfo-6.0.18-1.el8_8.aarch64.rpm

SHA-256: 5ee1f33433d69c7803c36a99b8d599703fb0966a61ee7805e7e3074b1ccbb7df

dotnet-runtime-6.0-6.0.18-1.el8_8.aarch64.rpm

SHA-256: ad802c0819759f51f06b69912fcc435db7eb08cc1c964e06ddb80e6abb8ba91e

dotnet-runtime-6.0-debuginfo-6.0.18-1.el8_8.aarch64.rpm

SHA-256: bba1357b399c75a061a63acfc5d6dd2b47c0b83be0aaea87389951ce350f539f

dotnet-sdk-6.0-6.0.118-1.el8_8.aarch64.rpm

SHA-256: dd09f60382ef4c3e38e5a42afb1bac106a2391a77fa690cb5025786985170e54

dotnet-sdk-6.0-debuginfo-6.0.118-1.el8_8.aarch64.rpm

SHA-256: 68c5550387a71bf61deec3215c8ddd8326568cb698de6faf05e91bcd02d26e4a

dotnet-targeting-pack-6.0-6.0.18-1.el8_8.aarch64.rpm

SHA-256: a2fed0be56b83aa0cb366106609a76375a6315c5dc1e7054c8227e1ef447b6c6

dotnet-templates-6.0-6.0.118-1.el8_8.aarch64.rpm

SHA-256: 75189a1e1e21dfeccd6a72b33032cab50db1abc4444afbcca17b079df9f2b2c2

dotnet6.0-debuginfo-6.0.118-1.el8_8.aarch64.rpm

SHA-256: 1c321266a67227dd427bc460d0b8ccb9c8c097e7327137d9852aa7335d76dfe7

dotnet6.0-debugsource-6.0.118-1.el8_8.aarch64.rpm

SHA-256: 05b85abd180f33fb1d58282bbefbf6562292686168374ee6d0de51a8b2c201b1

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8

SRPM

dotnet6.0-6.0.118-1.el8_8.src.rpm

SHA-256: 1347d72890f35b869ecd2d32430cfa42429ba78c8edc8ff677f2a0b0cdcbab84

x86_64

aspnetcore-runtime-6.0-6.0.18-1.el8_8.x86_64.rpm

SHA-256: 7ff49643223e7d6b5322efeefda257e25cf804ea10439c9933ac5abc284f9117

aspnetcore-targeting-pack-6.0-6.0.18-1.el8_8.x86_64.rpm

SHA-256: e512f73c0555ea7f2f9544090296601e001ee054a19588a6dd7b8de056fdd609

dotnet-apphost-pack-6.0-6.0.18-1.el8_8.x86_64.rpm

SHA-256: 83cc886a96cdaa6d53fef0622044be15b40b24335a7855478e8acc6e1150730c

dotnet-apphost-pack-6.0-debuginfo-6.0.18-1.el8_8.x86_64.rpm

SHA-256: 6fa1e6214ab531dbb2298ce15c4de0926d43f2574fef9002d7f365ec96c1ea5b

dotnet-hostfxr-6.0-6.0.18-1.el8_8.x86_64.rpm

SHA-256: 6874f9175e2e44822c4e81d83d3e774a32e6b587567a29b944db1210e214f855

dotnet-hostfxr-6.0-debuginfo-6.0.18-1.el8_8.x86_64.rpm

SHA-256: a63df6be37813edbc9bf85f949f30c5a8143813f9abf08a4ec3b03c39d0b93fd

dotnet-runtime-6.0-6.0.18-1.el8_8.x86_64.rpm

SHA-256: 5be6dcc5dbd619b5ec07d8e569be4209b562a179088dab2212aafbb334cf84df

dotnet-runtime-6.0-debuginfo-6.0.18-1.el8_8.x86_64.rpm

SHA-256: faf181f0b5fe5239eb6672f512424e1293d60d03cce945bfebada9a7ae40ec63

dotnet-sdk-6.0-6.0.118-1.el8_8.x86_64.rpm

SHA-256: a2c6284f35f48e5b79daf2d6c03d6b5f6e5c3a0eaa55d9c49424af034641c32f

dotnet-sdk-6.0-debuginfo-6.0.118-1.el8_8.x86_64.rpm

SHA-256: a8601d58e598702b3538c50a95b55e6f23ae078b7c64717640575f91686bbecc

dotnet-targeting-pack-6.0-6.0.18-1.el8_8.x86_64.rpm

SHA-256: a3b59f3d82234568e1ed62a8aca94aa32cf2c4c63a655391b5ca5adfe6aa22c9

dotnet-templates-6.0-6.0.118-1.el8_8.x86_64.rpm

SHA-256: 5350373e433d2225ceb57748817705071b8bcac5255c27365de41ba0502140c3

dotnet6.0-debuginfo-6.0.118-1.el8_8.x86_64.rpm

SHA-256: 9a07aa5a5e6cf3dbc9d402fd406cfd2ee1d8c295ae3db122f1d39f395a615efc

dotnet6.0-debugsource-6.0.118-1.el8_8.x86_64.rpm

SHA-256: 64b01ce416c77388286c9f33821f4639fd8ef5d7aeeac1a0da67b1d474119e8b

Red Hat CodeReady Linux Builder for ARM 64 8

SRPM

aarch64

dotnet-apphost-pack-6.0-debuginfo-6.0.18-1.el8_8.aarch64.rpm

SHA-256: b05dae3f215ef2e76885db2107171812620c165e248635ce0f88af6c550b89f9

dotnet-hostfxr-6.0-debuginfo-6.0.18-1.el8_8.aarch64.rpm

SHA-256: 5ee1f33433d69c7803c36a99b8d599703fb0966a61ee7805e7e3074b1ccbb7df

dotnet-runtime-6.0-debuginfo-6.0.18-1.el8_8.aarch64.rpm

SHA-256: bba1357b399c75a061a63acfc5d6dd2b47c0b83be0aaea87389951ce350f539f

dotnet-sdk-6.0-debuginfo-6.0.118-1.el8_8.aarch64.rpm

SHA-256: 68c5550387a71bf61deec3215c8ddd8326568cb698de6faf05e91bcd02d26e4a

dotnet-sdk-6.0-source-built-artifacts-6.0.118-1.el8_8.aarch64.rpm

SHA-256: 2fda85ae79cd0dfe110ef00f78c7c0b0e070a2b81a6d160d471822ca039b5be3

dotnet6.0-debuginfo-6.0.118-1.el8_8.aarch64.rpm

SHA-256: 1c321266a67227dd427bc460d0b8ccb9c8c097e7327137d9852aa7335d76dfe7

dotnet6.0-debugsource-6.0.118-1.el8_8.aarch64.rpm

SHA-256: 05b85abd180f33fb1d58282bbefbf6562292686168374ee6d0de51a8b2c201b1

Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.8

SRPM

x86_64

dotnet-apphost-pack-6.0-debuginfo-6.0.18-1.el8_8.x86_64.rpm

SHA-256: 6fa1e6214ab531dbb2298ce15c4de0926d43f2574fef9002d7f365ec96c1ea5b

dotnet-hostfxr-6.0-debuginfo-6.0.18-1.el8_8.x86_64.rpm

SHA-256: a63df6be37813edbc9bf85f949f30c5a8143813f9abf08a4ec3b03c39d0b93fd

dotnet-runtime-6.0-debuginfo-6.0.18-1.el8_8.x86_64.rpm

SHA-256: faf181f0b5fe5239eb6672f512424e1293d60d03cce945bfebada9a7ae40ec63

dotnet-sdk-6.0-debuginfo-6.0.118-1.el8_8.x86_64.rpm

SHA-256: a8601d58e598702b3538c50a95b55e6f23ae078b7c64717640575f91686bbecc

dotnet-sdk-6.0-source-built-artifacts-6.0.118-1.el8_8.x86_64.rpm

SHA-256: 244ff76fa3d2fbe69e6ea81c7f1d13d83752cc951bbd4b90d2fbba54774e8966

dotnet6.0-debuginfo-6.0.118-1.el8_8.x86_64.rpm

SHA-256: 9a07aa5a5e6cf3dbc9d402fd406cfd2ee1d8c295ae3db122f1d39f395a615efc

dotnet6.0-debugsource-6.0.118-1.el8_8.x86_64.rpm

SHA-256: 64b01ce416c77388286c9f33821f4639fd8ef5d7aeeac1a0da67b1d474119e8b

Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.8

SRPM

s390x

dotnet-apphost-pack-6.0-debuginfo-6.0.18-1.el8_8.s390x.rpm

SHA-256: a8c299d355247eaaeb4e763970a29dc6ef59054ef0439133720c37dc63bb0f76

dotnet-hostfxr-6.0-debuginfo-6.0.18-1.el8_8.s390x.rpm

SHA-256: 20ae055147f7a53e3977fbca8065911da5ad15d9fbdb7ab891e5bd7853c018e6

dotnet-runtime-6.0-debuginfo-6.0.18-1.el8_8.s390x.rpm

SHA-256: e488bf903b19bda0e08d1fb893ca350f7879327e31f2b90c9b5e401d8a4f3d20

dotnet-sdk-6.0-debuginfo-6.0.118-1.el8_8.s390x.rpm

SHA-256: 5404e3ba96fad3a9e412f3fbf8eb0ed67562ba5720d0d57734e350622aa04013

dotnet-sdk-6.0-source-built-artifacts-6.0.118-1.el8_8.s390x.rpm

SHA-256: bba82b0a034364cd0e3b452539af96d39c31c5335a9257a9eceb06c330f3650e

dotnet6.0-debuginfo-6.0.118-1.el8_8.s390x.rpm

SHA-256: 9c0e23d0c9a69bc82cc9aafc99c815e749857ca30aa7201fb29c44d07158aa12

dotnet6.0-debugsource-6.0.118-1.el8_8.s390x.rpm

SHA-256: a27670aad8d4e50365defa3828bc9f7b17202abdc43d7445b9e522c35c84c5a3

Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.8

SRPM

aarch64

dotnet-apphost-pack-6.0-debuginfo-6.0.18-1.el8_8.aarch64.rpm

SHA-256: b05dae3f215ef2e76885db2107171812620c165e248635ce0f88af6c550b89f9

dotnet-hostfxr-6.0-debuginfo-6.0.18-1.el8_8.aarch64.rpm

SHA-256: 5ee1f33433d69c7803c36a99b8d599703fb0966a61ee7805e7e3074b1ccbb7df

dotnet-runtime-6.0-debuginfo-6.0.18-1.el8_8.aarch64.rpm

SHA-256: bba1357b399c75a061a63acfc5d6dd2b47c0b83be0aaea87389951ce350f539f

dotnet-sdk-6.0-debuginfo-6.0.118-1.el8_8.aarch64.rpm

SHA-256: 68c5550387a71bf61deec3215c8ddd8326568cb698de6faf05e91bcd02d26e4a

dotnet-sdk-6.0-source-built-artifacts-6.0.118-1.el8_8.aarch64.rpm

SHA-256: 2fda85ae79cd0dfe110ef00f78c7c0b0e070a2b81a6d160d471822ca039b5be3

dotnet6.0-debuginfo-6.0.118-1.el8_8.aarch64.rpm

SHA-256: 1c321266a67227dd427bc460d0b8ccb9c8c097e7327137d9852aa7335d76dfe7

dotnet6.0-debugsource-6.0.118-1.el8_8.aarch64.rpm

SHA-256: 05b85abd180f33fb1d58282bbefbf6562292686168374ee6d0de51a8b2c201b1

Related news

Red Hat Security Advisory 2023-4449-01

Red Hat Security Advisory 2023-4449-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.120 and .NET Runtime 6.0.20. Issues addressed include code execution, denial of service, and heap corruption vulnerabilities.

Red Hat Security Advisory 2023-4448-01

Red Hat Security Advisory 2023-4448-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.120 and .NET Runtime 6.0.20. Issues addressed include code execution, denial of service, and heap corruption vulnerabilities.

RHSA-2023:4448: Red Hat Security Advisory: .NET 6.0 security update

An update for .NET 6.0 is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-29331: A vulnerability was found in dotnet. This issue can lead to a denial of service while processing X509 Certificates. * CVE-2023-29337: A vulnerability was found in dotnet. This issue exists in NuGet where a potential race condition can lead to a symlink attack. * CVE-2023-33128: A vulnerability was found in dotnet. This...

RHSA-2023:4449: Red Hat Security Advisory: .NET 6.0 security update

An update for .NET 6.0 is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-29331: A vulnerability was found in dotnet. This issue can lead to a denial of service while processing X509 Certificates. * CVE-2023-29337: A vulnerability was found in dotnet. This issue exists in NuGet where a potential race condition can lead to a symlink attack. * CVE-2023-33128: A vulnerability was found in dotnet. This...

Microsoft Patch Tuesday June 2023: Edge type confusion, Git RCE, OneNote Spoofing, PGM RCE, Exchange RCE, SharePoint EoP

Hello everyone! This episode will be about Microsoft Patch Tuesday for June 2023, including vulnerabilities that were added between May and June Patch Tuesdays. As usual, I use my open source Vulristics project to analyse and prioritize vulnerabilities. I took the comments about the vulnerabilities from the Qualys, Tenable, Rapid7, ZDI Patch Tuesday reviews. This time there […]

Ubuntu Security Notice USN-6161-2

Ubuntu Security Notice 6161-2 - USN-6161-1 fixed vulnerabilities in .NET. The update introduced a regression with regards to how the runtime imported X.509 certificates. This update fixes the problem. It was discovered that .NET did not properly enforce certain restrictions when deserializing a DataSet or DataTable from XML. An attacker could possibly use this issue to elevate their privileges.

GHSA-x469-cv7m-77r9: .NET Remote Code Execution Vulnerability

# Microsoft Security Advisory CVE-2023-33128: .NET Remote Code Execution Vulnerability ## <a name="executive-summary"></a>Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. A vulnerability exists in .NET source generator for P/Invokes that can lead to generated code freeing uninitialized memory and crashing. ## Announcement Announcement for this issue can be found at https://github.com/dotnet/announcements/issues/253 ### <a name="mitigation-factors"></a>Mitigation factors Microsoft has not identified any mitigating factors for this vulnerability. ## <a name="affected-software"></a>Affected software * Any .NET 7.0.1xx SDK 7.0.106 or earlier. * Any .NET 7.0.3xx SDK 7.0.303 or earlier. If your application uses the following package versions, ensure you update to the latest version of .NET....

GHSA-555c-2p6r-68mm: .NET Denial of Service vulnerability

# Microsoft Security Advisory CVE-2023-29331: .NET Denial of Service vulnerability ## <a name="executive-summary"></a>Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 6.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. A vulnerability exists in .NET when processing X.509 certificates that may result in Denial of Service. Details: [KB5025823 ](https://support.microsoft.com/kb/5025823) ## Announcement Announcement for this issue can be found at https://github.com/dotnet/announcements/issues/257 ### <a name="mitigation-factors"></a>Mitigation factors Microsoft has not identified any mitigating factors for this vulnerability. ## <a name="affected-software"></a>Affected software * Any .NET 7.0 application running on .NET 7.0.5 or earlier. * Any .NET 6.0 application running on .NET 6.0.16 or earlier. If your application uses ...

GHSA-jx7q-xxmw-44vf: .NET Elevation of Privilege Vulnerability

# Microsoft Security Advisory CVE-2023-24936: .NET Elevation of Privilege Vulnerability ## <a name="executive-summary"></a>Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 6.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. A vulnerability exists in .NET when deserializing a DataSet or DataTable from XML which may result in elevation of privileges. ## Announcement Announcement for this issue can be found at https://github.com/dotnet/announcements/issues/259 ### <a name="mitigation-factors"></a>Mitigation factors The default configuration of DataSet and DataTable is not susceptible to this vulnerability. This vulnerability only exists if the app developer or machine admin extends the DataSet and DataTable default allow-list [as specified here](https://learn.microsoft.com/en-us/dotnet/framework/data/adonet/dataset-datatable-da...

GHSA-6qmf-mmc7-6c2p: NuGet Client Remote Code Execution Vulnerability

### Description Microsoft is releasing this security advisory to provide information about a vulnerability in .NET and NuGet on Linux. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. A vulnerability exists in .NET 6.0, .NET 7.0 and NuGet(nuget.exe, NuGet.Protocol, NuGet.Common, NuGet.CommandLine, NuGet.Commands, Microsoft.Build.NuGetSdkResolver, NuGet.PackageManagement) where a potential race condition that can lead to a symlink attack on Linux. Non-Linux platforms are not affected. ### Affected software This issue only affects Linux systems. #### NuGet & NuGet Packages - Any NuGet.exe, NuGet.Protocol, NuGet.Common, NuGet.CommandLine, NuGet.Commands, Microsoft.Build.NuGetSdkResolver, NuGet.PackageManagement 6.6.0 version or earlier. - Any NuGet.exe, NuGet.Protocol, NuGet.Common, NuGet.CommandLine, NuGet.Commands, Microsoft.Build.NuGetSdkResolver, NuGet.PackageManagement 6.5.0 version or earlier. - Any NuGet.e...

CVE-2023-29337

NuGet Client Remote Code Execution Vulnerability

CVE-2023-24936

.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability

CVE-2023-29331

.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability

RHSA-2023:3580: Red Hat Security Advisory: .NET 6.0 security, bug fix, and enhancement update

An update for .NET 6.0 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24936: No description is available for this CVE. * CVE-2023-29331: No description is available for this CVE. * CVE-2023-29337: No description is available for this CVE. * CVE-2023-33128: .NET and Visual Studio Remote Code Execution Vulnerability

RHSA-2023:3580: Red Hat Security Advisory: .NET 6.0 security, bug fix, and enhancement update

An update for .NET 6.0 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24936: No description is available for this CVE. * CVE-2023-29331: No description is available for this CVE. * CVE-2023-29337: No description is available for this CVE. * CVE-2023-33128: .NET and Visual Studio Remote Code Execution Vulnerability

RHSA-2023:3580: Red Hat Security Advisory: .NET 6.0 security, bug fix, and enhancement update

An update for .NET 6.0 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24936: No description is available for this CVE. * CVE-2023-29331: No description is available for this CVE. * CVE-2023-29337: No description is available for this CVE. * CVE-2023-33128: .NET and Visual Studio Remote Code Execution Vulnerability

RHSA-2023:3580: Red Hat Security Advisory: .NET 6.0 security, bug fix, and enhancement update

An update for .NET 6.0 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24936: No description is available for this CVE. * CVE-2023-29331: No description is available for this CVE. * CVE-2023-29337: No description is available for this CVE. * CVE-2023-33128: .NET and Visual Studio Remote Code Execution Vulnerability

Ubuntu Security Notice USN-6161-1

Ubuntu Security Notice 6161-1 - It was discovered that .NET did not properly enforce certain restrictions when deserializing a DataSet or DataTable from XML. An attacker could possibly use this issue to elevate their privileges. Kevin Jones discovered that .NET did not properly handle the AIA fetching process for X.509 client certificates. An attacker could possibly use this issue to cause a denial of service.

Ubuntu Security Notice USN-6161-1

Ubuntu Security Notice 6161-1 - It was discovered that .NET did not properly enforce certain restrictions when deserializing a DataSet or DataTable from XML. An attacker could possibly use this issue to elevate their privileges. Kevin Jones discovered that .NET did not properly handle the AIA fetching process for X.509 client certificates. An attacker could possibly use this issue to cause a denial of service.

Ubuntu Security Notice USN-6161-1

Ubuntu Security Notice 6161-1 - It was discovered that .NET did not properly enforce certain restrictions when deserializing a DataSet or DataTable from XML. An attacker could possibly use this issue to elevate their privileges. Kevin Jones discovered that .NET did not properly handle the AIA fetching process for X.509 client certificates. An attacker could possibly use this issue to cause a denial of service.

Ubuntu Security Notice USN-6161-1

Ubuntu Security Notice 6161-1 - It was discovered that .NET did not properly enforce certain restrictions when deserializing a DataSet or DataTable from XML. An attacker could possibly use this issue to elevate their privileges. Kevin Jones discovered that .NET did not properly handle the AIA fetching process for X.509 client certificates. An attacker could possibly use this issue to cause a denial of service.

CVE-2023-33128

.NET and Visual Studio Remote Code Execution Vulnerability