Headline
RHSA-2023:3582: Red Hat Security Advisory: .NET 6.0 security, bug fix, and enhancement update
An update for .NET 6.0 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2023-24936: No description is available for this CVE.
- CVE-2023-29331: No description is available for this CVE.
- CVE-2023-29337: No description is available for this CVE.
- CVE-2023-33128: .NET and Visual Studio Remote Code Execution Vulnerability
Synopsis
Important: .NET 6.0 security, bug fix, and enhancement update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for .NET 6.0 is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.
New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.118 and .NET Runtime 6.0.18.
The following packages have been upgraded to a later upstream version: dotnet6.0 (6.0.118). (BZ#2212378)
Security Fix(es):
- dotnet: .NET Kestrel: Denial of Service processing X509 Certificates (CVE-2023-29331)
- dotnet: vulnerability exists in NuGet where a potential race condition can lead to a symlink attack (CVE-2023-29337)
- dotnet: Remote Code Execution - Source generators issue can lead to a crash due to unmanaged heap corruption (CVE-2023-33128)
- dotnet: Bypass restrictions when deserializing a DataSet or DataTable from XML (CVE-2023-24936)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Products
- Red Hat Enterprise Linux for x86_64 8 x86_64
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.8 x86_64
- Red Hat Enterprise Linux for IBM z Systems 8 s390x
- Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.8 s390x
- Red Hat Enterprise Linux Server - TUS 8.8 x86_64
- Red Hat Enterprise Linux for ARM 64 8 aarch64
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8 x86_64
- Red Hat CodeReady Linux Builder for x86_64 8 x86_64
- Red Hat CodeReady Linux Builder for ARM 64 8 aarch64
- Red Hat CodeReady Linux Builder for IBM z Systems 8 s390x
- Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.8 aarch64
- Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.8 x86_64
- Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.8 s390x
- Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.8 aarch64
Fixes
- BZ - 2192438 - CVE-2023-24936 dotnet: Bypass restrictions when deserializing a DataSet or DataTable from XML
- BZ - 2212617 - CVE-2023-29331 dotnet: .NET Kestrel: Denial of Service processing X509 Certificates
- BZ - 2212618 - CVE-2023-33128 dotnet: Remote Code Execution - Source generators issue can lead to a crash due to unmanaged heap corruption
- BZ - 2213703 - CVE-2023-29337 dotnet: vulnerability exists in NuGet where a potential race condition can lead to a symlink attack
CVEs
- CVE-2023-24936
- CVE-2023-29331
- CVE-2023-29337
- CVE-2023-33128
Red Hat Enterprise Linux for x86_64 8
SRPM
dotnet6.0-6.0.118-1.el8_8.src.rpm
SHA-256: 1347d72890f35b869ecd2d32430cfa42429ba78c8edc8ff677f2a0b0cdcbab84
x86_64
aspnetcore-runtime-6.0-6.0.18-1.el8_8.x86_64.rpm
SHA-256: 7ff49643223e7d6b5322efeefda257e25cf804ea10439c9933ac5abc284f9117
aspnetcore-targeting-pack-6.0-6.0.18-1.el8_8.x86_64.rpm
SHA-256: e512f73c0555ea7f2f9544090296601e001ee054a19588a6dd7b8de056fdd609
dotnet-apphost-pack-6.0-6.0.18-1.el8_8.x86_64.rpm
SHA-256: 83cc886a96cdaa6d53fef0622044be15b40b24335a7855478e8acc6e1150730c
dotnet-apphost-pack-6.0-debuginfo-6.0.18-1.el8_8.x86_64.rpm
SHA-256: 6fa1e6214ab531dbb2298ce15c4de0926d43f2574fef9002d7f365ec96c1ea5b
dotnet-hostfxr-6.0-6.0.18-1.el8_8.x86_64.rpm
SHA-256: 6874f9175e2e44822c4e81d83d3e774a32e6b587567a29b944db1210e214f855
dotnet-hostfxr-6.0-debuginfo-6.0.18-1.el8_8.x86_64.rpm
SHA-256: a63df6be37813edbc9bf85f949f30c5a8143813f9abf08a4ec3b03c39d0b93fd
dotnet-runtime-6.0-6.0.18-1.el8_8.x86_64.rpm
SHA-256: 5be6dcc5dbd619b5ec07d8e569be4209b562a179088dab2212aafbb334cf84df
dotnet-runtime-6.0-debuginfo-6.0.18-1.el8_8.x86_64.rpm
SHA-256: faf181f0b5fe5239eb6672f512424e1293d60d03cce945bfebada9a7ae40ec63
dotnet-sdk-6.0-6.0.118-1.el8_8.x86_64.rpm
SHA-256: a2c6284f35f48e5b79daf2d6c03d6b5f6e5c3a0eaa55d9c49424af034641c32f
dotnet-sdk-6.0-debuginfo-6.0.118-1.el8_8.x86_64.rpm
SHA-256: a8601d58e598702b3538c50a95b55e6f23ae078b7c64717640575f91686bbecc
dotnet-targeting-pack-6.0-6.0.18-1.el8_8.x86_64.rpm
SHA-256: a3b59f3d82234568e1ed62a8aca94aa32cf2c4c63a655391b5ca5adfe6aa22c9
dotnet-templates-6.0-6.0.118-1.el8_8.x86_64.rpm
SHA-256: 5350373e433d2225ceb57748817705071b8bcac5255c27365de41ba0502140c3
dotnet6.0-debuginfo-6.0.118-1.el8_8.x86_64.rpm
SHA-256: 9a07aa5a5e6cf3dbc9d402fd406cfd2ee1d8c295ae3db122f1d39f395a615efc
dotnet6.0-debugsource-6.0.118-1.el8_8.x86_64.rpm
SHA-256: 64b01ce416c77388286c9f33821f4639fd8ef5d7aeeac1a0da67b1d474119e8b
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.8
SRPM
dotnet6.0-6.0.118-1.el8_8.src.rpm
SHA-256: 1347d72890f35b869ecd2d32430cfa42429ba78c8edc8ff677f2a0b0cdcbab84
x86_64
aspnetcore-runtime-6.0-6.0.18-1.el8_8.x86_64.rpm
SHA-256: 7ff49643223e7d6b5322efeefda257e25cf804ea10439c9933ac5abc284f9117
aspnetcore-targeting-pack-6.0-6.0.18-1.el8_8.x86_64.rpm
SHA-256: e512f73c0555ea7f2f9544090296601e001ee054a19588a6dd7b8de056fdd609
dotnet-apphost-pack-6.0-6.0.18-1.el8_8.x86_64.rpm
SHA-256: 83cc886a96cdaa6d53fef0622044be15b40b24335a7855478e8acc6e1150730c
dotnet-apphost-pack-6.0-debuginfo-6.0.18-1.el8_8.x86_64.rpm
SHA-256: 6fa1e6214ab531dbb2298ce15c4de0926d43f2574fef9002d7f365ec96c1ea5b
dotnet-hostfxr-6.0-6.0.18-1.el8_8.x86_64.rpm
SHA-256: 6874f9175e2e44822c4e81d83d3e774a32e6b587567a29b944db1210e214f855
dotnet-hostfxr-6.0-debuginfo-6.0.18-1.el8_8.x86_64.rpm
SHA-256: a63df6be37813edbc9bf85f949f30c5a8143813f9abf08a4ec3b03c39d0b93fd
dotnet-runtime-6.0-6.0.18-1.el8_8.x86_64.rpm
SHA-256: 5be6dcc5dbd619b5ec07d8e569be4209b562a179088dab2212aafbb334cf84df
dotnet-runtime-6.0-debuginfo-6.0.18-1.el8_8.x86_64.rpm
SHA-256: faf181f0b5fe5239eb6672f512424e1293d60d03cce945bfebada9a7ae40ec63
dotnet-sdk-6.0-6.0.118-1.el8_8.x86_64.rpm
SHA-256: a2c6284f35f48e5b79daf2d6c03d6b5f6e5c3a0eaa55d9c49424af034641c32f
dotnet-sdk-6.0-debuginfo-6.0.118-1.el8_8.x86_64.rpm
SHA-256: a8601d58e598702b3538c50a95b55e6f23ae078b7c64717640575f91686bbecc
dotnet-targeting-pack-6.0-6.0.18-1.el8_8.x86_64.rpm
SHA-256: a3b59f3d82234568e1ed62a8aca94aa32cf2c4c63a655391b5ca5adfe6aa22c9
dotnet-templates-6.0-6.0.118-1.el8_8.x86_64.rpm
SHA-256: 5350373e433d2225ceb57748817705071b8bcac5255c27365de41ba0502140c3
dotnet6.0-debuginfo-6.0.118-1.el8_8.x86_64.rpm
SHA-256: 9a07aa5a5e6cf3dbc9d402fd406cfd2ee1d8c295ae3db122f1d39f395a615efc
dotnet6.0-debugsource-6.0.118-1.el8_8.x86_64.rpm
SHA-256: 64b01ce416c77388286c9f33821f4639fd8ef5d7aeeac1a0da67b1d474119e8b
Red Hat Enterprise Linux for IBM z Systems 8
SRPM
dotnet6.0-6.0.118-1.el8_8.src.rpm
SHA-256: 1347d72890f35b869ecd2d32430cfa42429ba78c8edc8ff677f2a0b0cdcbab84
s390x
aspnetcore-runtime-6.0-6.0.18-1.el8_8.s390x.rpm
SHA-256: 7828710b86070b6019c7b1723b1a22ada4d964a6f5540700c8e3a3ebffdfba0a
aspnetcore-targeting-pack-6.0-6.0.18-1.el8_8.s390x.rpm
SHA-256: c24a68e46b0cac58cc7dc49d030c1d628aaacd52dec9cdd2ceaf9cb6d88bc1fb
dotnet-apphost-pack-6.0-6.0.18-1.el8_8.s390x.rpm
SHA-256: 5322e523c7f012a4895a9cbdda735ce00f50ae917a58f4180f356989447db90a
dotnet-apphost-pack-6.0-debuginfo-6.0.18-1.el8_8.s390x.rpm
SHA-256: a8c299d355247eaaeb4e763970a29dc6ef59054ef0439133720c37dc63bb0f76
dotnet-hostfxr-6.0-6.0.18-1.el8_8.s390x.rpm
SHA-256: f3a00e3161adbe83fb9252494832f04e6db0ed147bd19918b6fc4be996d1360a
dotnet-hostfxr-6.0-debuginfo-6.0.18-1.el8_8.s390x.rpm
SHA-256: 20ae055147f7a53e3977fbca8065911da5ad15d9fbdb7ab891e5bd7853c018e6
dotnet-runtime-6.0-6.0.18-1.el8_8.s390x.rpm
SHA-256: 62c38382ec176bdb8c409809e0da4103a09b9ea141d3b13cc405c11a7ce08bd7
dotnet-runtime-6.0-debuginfo-6.0.18-1.el8_8.s390x.rpm
SHA-256: e488bf903b19bda0e08d1fb893ca350f7879327e31f2b90c9b5e401d8a4f3d20
dotnet-sdk-6.0-6.0.118-1.el8_8.s390x.rpm
SHA-256: 0861b00f77844a69e1ae92693ca0d1432d23db13d7f3bf1ae857aecbcb54444f
dotnet-sdk-6.0-debuginfo-6.0.118-1.el8_8.s390x.rpm
SHA-256: 5404e3ba96fad3a9e412f3fbf8eb0ed67562ba5720d0d57734e350622aa04013
dotnet-targeting-pack-6.0-6.0.18-1.el8_8.s390x.rpm
SHA-256: e618b456d7a262be3ae87a18d0dd95978398687a20d5221c17d45d7c0589ba37
dotnet-templates-6.0-6.0.118-1.el8_8.s390x.rpm
SHA-256: d34cb8abb51a1ef0e71d9e6465e5256f664a5c82b715767b1f8729a6cf113735
dotnet6.0-debuginfo-6.0.118-1.el8_8.s390x.rpm
SHA-256: 9c0e23d0c9a69bc82cc9aafc99c815e749857ca30aa7201fb29c44d07158aa12
dotnet6.0-debugsource-6.0.118-1.el8_8.s390x.rpm
SHA-256: a27670aad8d4e50365defa3828bc9f7b17202abdc43d7445b9e522c35c84c5a3
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.8
SRPM
dotnet6.0-6.0.118-1.el8_8.src.rpm
SHA-256: 1347d72890f35b869ecd2d32430cfa42429ba78c8edc8ff677f2a0b0cdcbab84
s390x
aspnetcore-runtime-6.0-6.0.18-1.el8_8.s390x.rpm
SHA-256: 7828710b86070b6019c7b1723b1a22ada4d964a6f5540700c8e3a3ebffdfba0a
aspnetcore-targeting-pack-6.0-6.0.18-1.el8_8.s390x.rpm
SHA-256: c24a68e46b0cac58cc7dc49d030c1d628aaacd52dec9cdd2ceaf9cb6d88bc1fb
dotnet-apphost-pack-6.0-6.0.18-1.el8_8.s390x.rpm
SHA-256: 5322e523c7f012a4895a9cbdda735ce00f50ae917a58f4180f356989447db90a
dotnet-apphost-pack-6.0-debuginfo-6.0.18-1.el8_8.s390x.rpm
SHA-256: a8c299d355247eaaeb4e763970a29dc6ef59054ef0439133720c37dc63bb0f76
dotnet-hostfxr-6.0-6.0.18-1.el8_8.s390x.rpm
SHA-256: f3a00e3161adbe83fb9252494832f04e6db0ed147bd19918b6fc4be996d1360a
dotnet-hostfxr-6.0-debuginfo-6.0.18-1.el8_8.s390x.rpm
SHA-256: 20ae055147f7a53e3977fbca8065911da5ad15d9fbdb7ab891e5bd7853c018e6
dotnet-runtime-6.0-6.0.18-1.el8_8.s390x.rpm
SHA-256: 62c38382ec176bdb8c409809e0da4103a09b9ea141d3b13cc405c11a7ce08bd7
dotnet-runtime-6.0-debuginfo-6.0.18-1.el8_8.s390x.rpm
SHA-256: e488bf903b19bda0e08d1fb893ca350f7879327e31f2b90c9b5e401d8a4f3d20
dotnet-sdk-6.0-6.0.118-1.el8_8.s390x.rpm
SHA-256: 0861b00f77844a69e1ae92693ca0d1432d23db13d7f3bf1ae857aecbcb54444f
dotnet-sdk-6.0-debuginfo-6.0.118-1.el8_8.s390x.rpm
SHA-256: 5404e3ba96fad3a9e412f3fbf8eb0ed67562ba5720d0d57734e350622aa04013
dotnet-targeting-pack-6.0-6.0.18-1.el8_8.s390x.rpm
SHA-256: e618b456d7a262be3ae87a18d0dd95978398687a20d5221c17d45d7c0589ba37
dotnet-templates-6.0-6.0.118-1.el8_8.s390x.rpm
SHA-256: d34cb8abb51a1ef0e71d9e6465e5256f664a5c82b715767b1f8729a6cf113735
dotnet6.0-debuginfo-6.0.118-1.el8_8.s390x.rpm
SHA-256: 9c0e23d0c9a69bc82cc9aafc99c815e749857ca30aa7201fb29c44d07158aa12
dotnet6.0-debugsource-6.0.118-1.el8_8.s390x.rpm
SHA-256: a27670aad8d4e50365defa3828bc9f7b17202abdc43d7445b9e522c35c84c5a3
Red Hat Enterprise Linux Server - TUS 8.8
SRPM
dotnet6.0-6.0.118-1.el8_8.src.rpm
SHA-256: 1347d72890f35b869ecd2d32430cfa42429ba78c8edc8ff677f2a0b0cdcbab84
x86_64
aspnetcore-runtime-6.0-6.0.18-1.el8_8.x86_64.rpm
SHA-256: 7ff49643223e7d6b5322efeefda257e25cf804ea10439c9933ac5abc284f9117
aspnetcore-targeting-pack-6.0-6.0.18-1.el8_8.x86_64.rpm
SHA-256: e512f73c0555ea7f2f9544090296601e001ee054a19588a6dd7b8de056fdd609
dotnet-apphost-pack-6.0-6.0.18-1.el8_8.x86_64.rpm
SHA-256: 83cc886a96cdaa6d53fef0622044be15b40b24335a7855478e8acc6e1150730c
dotnet-apphost-pack-6.0-debuginfo-6.0.18-1.el8_8.x86_64.rpm
SHA-256: 6fa1e6214ab531dbb2298ce15c4de0926d43f2574fef9002d7f365ec96c1ea5b
dotnet-hostfxr-6.0-6.0.18-1.el8_8.x86_64.rpm
SHA-256: 6874f9175e2e44822c4e81d83d3e774a32e6b587567a29b944db1210e214f855
dotnet-hostfxr-6.0-debuginfo-6.0.18-1.el8_8.x86_64.rpm
SHA-256: a63df6be37813edbc9bf85f949f30c5a8143813f9abf08a4ec3b03c39d0b93fd
dotnet-runtime-6.0-6.0.18-1.el8_8.x86_64.rpm
SHA-256: 5be6dcc5dbd619b5ec07d8e569be4209b562a179088dab2212aafbb334cf84df
dotnet-runtime-6.0-debuginfo-6.0.18-1.el8_8.x86_64.rpm
SHA-256: faf181f0b5fe5239eb6672f512424e1293d60d03cce945bfebada9a7ae40ec63
dotnet-sdk-6.0-6.0.118-1.el8_8.x86_64.rpm
SHA-256: a2c6284f35f48e5b79daf2d6c03d6b5f6e5c3a0eaa55d9c49424af034641c32f
dotnet-sdk-6.0-debuginfo-6.0.118-1.el8_8.x86_64.rpm
SHA-256: a8601d58e598702b3538c50a95b55e6f23ae078b7c64717640575f91686bbecc
dotnet-targeting-pack-6.0-6.0.18-1.el8_8.x86_64.rpm
SHA-256: a3b59f3d82234568e1ed62a8aca94aa32cf2c4c63a655391b5ca5adfe6aa22c9
dotnet-templates-6.0-6.0.118-1.el8_8.x86_64.rpm
SHA-256: 5350373e433d2225ceb57748817705071b8bcac5255c27365de41ba0502140c3
dotnet6.0-debuginfo-6.0.118-1.el8_8.x86_64.rpm
SHA-256: 9a07aa5a5e6cf3dbc9d402fd406cfd2ee1d8c295ae3db122f1d39f395a615efc
dotnet6.0-debugsource-6.0.118-1.el8_8.x86_64.rpm
SHA-256: 64b01ce416c77388286c9f33821f4639fd8ef5d7aeeac1a0da67b1d474119e8b
Red Hat Enterprise Linux for ARM 64 8
SRPM
dotnet6.0-6.0.118-1.el8_8.src.rpm
SHA-256: 1347d72890f35b869ecd2d32430cfa42429ba78c8edc8ff677f2a0b0cdcbab84
aarch64
aspnetcore-runtime-6.0-6.0.18-1.el8_8.aarch64.rpm
SHA-256: e6cb7b9683a017600800be2e20a335594f7119fd78f86fd7da1cbfcc922dc924
aspnetcore-targeting-pack-6.0-6.0.18-1.el8_8.aarch64.rpm
SHA-256: 9e9e4b8d1fd5619fba2fb4368cf795d4b290d0e710bc78aa63bd69ae936e41c2
dotnet-apphost-pack-6.0-6.0.18-1.el8_8.aarch64.rpm
SHA-256: 101cd9a21f1855d58aceb0c927839988ccce63e92d0004674b42b47dcdefe0ea
dotnet-apphost-pack-6.0-debuginfo-6.0.18-1.el8_8.aarch64.rpm
SHA-256: b05dae3f215ef2e76885db2107171812620c165e248635ce0f88af6c550b89f9
dotnet-hostfxr-6.0-6.0.18-1.el8_8.aarch64.rpm
SHA-256: 2dea52c80ba737a194f2b6c72244ecf0435ad476ceb729418028ef836f0aaabd
dotnet-hostfxr-6.0-debuginfo-6.0.18-1.el8_8.aarch64.rpm
SHA-256: 5ee1f33433d69c7803c36a99b8d599703fb0966a61ee7805e7e3074b1ccbb7df
dotnet-runtime-6.0-6.0.18-1.el8_8.aarch64.rpm
SHA-256: ad802c0819759f51f06b69912fcc435db7eb08cc1c964e06ddb80e6abb8ba91e
dotnet-runtime-6.0-debuginfo-6.0.18-1.el8_8.aarch64.rpm
SHA-256: bba1357b399c75a061a63acfc5d6dd2b47c0b83be0aaea87389951ce350f539f
dotnet-sdk-6.0-6.0.118-1.el8_8.aarch64.rpm
SHA-256: dd09f60382ef4c3e38e5a42afb1bac106a2391a77fa690cb5025786985170e54
dotnet-sdk-6.0-debuginfo-6.0.118-1.el8_8.aarch64.rpm
SHA-256: 68c5550387a71bf61deec3215c8ddd8326568cb698de6faf05e91bcd02d26e4a
dotnet-targeting-pack-6.0-6.0.18-1.el8_8.aarch64.rpm
SHA-256: a2fed0be56b83aa0cb366106609a76375a6315c5dc1e7054c8227e1ef447b6c6
dotnet-templates-6.0-6.0.118-1.el8_8.aarch64.rpm
SHA-256: 75189a1e1e21dfeccd6a72b33032cab50db1abc4444afbcca17b079df9f2b2c2
dotnet6.0-debuginfo-6.0.118-1.el8_8.aarch64.rpm
SHA-256: 1c321266a67227dd427bc460d0b8ccb9c8c097e7327137d9852aa7335d76dfe7
dotnet6.0-debugsource-6.0.118-1.el8_8.aarch64.rpm
SHA-256: 05b85abd180f33fb1d58282bbefbf6562292686168374ee6d0de51a8b2c201b1
Red Hat CodeReady Linux Builder for x86_64 8
SRPM
x86_64
dotnet-apphost-pack-6.0-debuginfo-6.0.18-1.el8_8.x86_64.rpm
SHA-256: 6fa1e6214ab531dbb2298ce15c4de0926d43f2574fef9002d7f365ec96c1ea5b
dotnet-hostfxr-6.0-debuginfo-6.0.18-1.el8_8.x86_64.rpm
SHA-256: a63df6be37813edbc9bf85f949f30c5a8143813f9abf08a4ec3b03c39d0b93fd
dotnet-runtime-6.0-debuginfo-6.0.18-1.el8_8.x86_64.rpm
SHA-256: faf181f0b5fe5239eb6672f512424e1293d60d03cce945bfebada9a7ae40ec63
dotnet-sdk-6.0-debuginfo-6.0.118-1.el8_8.x86_64.rpm
SHA-256: a8601d58e598702b3538c50a95b55e6f23ae078b7c64717640575f91686bbecc
dotnet-sdk-6.0-source-built-artifacts-6.0.118-1.el8_8.x86_64.rpm
SHA-256: 244ff76fa3d2fbe69e6ea81c7f1d13d83752cc951bbd4b90d2fbba54774e8966
dotnet6.0-debuginfo-6.0.118-1.el8_8.x86_64.rpm
SHA-256: 9a07aa5a5e6cf3dbc9d402fd406cfd2ee1d8c295ae3db122f1d39f395a615efc
dotnet6.0-debugsource-6.0.118-1.el8_8.x86_64.rpm
SHA-256: 64b01ce416c77388286c9f33821f4639fd8ef5d7aeeac1a0da67b1d474119e8b
Red Hat CodeReady Linux Builder for IBM z Systems 8
SRPM
s390x
dotnet-apphost-pack-6.0-debuginfo-6.0.18-1.el8_8.s390x.rpm
SHA-256: a8c299d355247eaaeb4e763970a29dc6ef59054ef0439133720c37dc63bb0f76
dotnet-hostfxr-6.0-debuginfo-6.0.18-1.el8_8.s390x.rpm
SHA-256: 20ae055147f7a53e3977fbca8065911da5ad15d9fbdb7ab891e5bd7853c018e6
dotnet-runtime-6.0-debuginfo-6.0.18-1.el8_8.s390x.rpm
SHA-256: e488bf903b19bda0e08d1fb893ca350f7879327e31f2b90c9b5e401d8a4f3d20
dotnet-sdk-6.0-debuginfo-6.0.118-1.el8_8.s390x.rpm
SHA-256: 5404e3ba96fad3a9e412f3fbf8eb0ed67562ba5720d0d57734e350622aa04013
dotnet-sdk-6.0-source-built-artifacts-6.0.118-1.el8_8.s390x.rpm
SHA-256: bba82b0a034364cd0e3b452539af96d39c31c5335a9257a9eceb06c330f3650e
dotnet6.0-debuginfo-6.0.118-1.el8_8.s390x.rpm
SHA-256: 9c0e23d0c9a69bc82cc9aafc99c815e749857ca30aa7201fb29c44d07158aa12
dotnet6.0-debugsource-6.0.118-1.el8_8.s390x.rpm
SHA-256: a27670aad8d4e50365defa3828bc9f7b17202abdc43d7445b9e522c35c84c5a3
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.8
SRPM
dotnet6.0-6.0.118-1.el8_8.src.rpm
SHA-256: 1347d72890f35b869ecd2d32430cfa42429ba78c8edc8ff677f2a0b0cdcbab84
aarch64
aspnetcore-runtime-6.0-6.0.18-1.el8_8.aarch64.rpm
SHA-256: e6cb7b9683a017600800be2e20a335594f7119fd78f86fd7da1cbfcc922dc924
aspnetcore-targeting-pack-6.0-6.0.18-1.el8_8.aarch64.rpm
SHA-256: 9e9e4b8d1fd5619fba2fb4368cf795d4b290d0e710bc78aa63bd69ae936e41c2
dotnet-apphost-pack-6.0-6.0.18-1.el8_8.aarch64.rpm
SHA-256: 101cd9a21f1855d58aceb0c927839988ccce63e92d0004674b42b47dcdefe0ea
dotnet-apphost-pack-6.0-debuginfo-6.0.18-1.el8_8.aarch64.rpm
SHA-256: b05dae3f215ef2e76885db2107171812620c165e248635ce0f88af6c550b89f9
dotnet-hostfxr-6.0-6.0.18-1.el8_8.aarch64.rpm
SHA-256: 2dea52c80ba737a194f2b6c72244ecf0435ad476ceb729418028ef836f0aaabd
dotnet-hostfxr-6.0-debuginfo-6.0.18-1.el8_8.aarch64.rpm
SHA-256: 5ee1f33433d69c7803c36a99b8d599703fb0966a61ee7805e7e3074b1ccbb7df
dotnet-runtime-6.0-6.0.18-1.el8_8.aarch64.rpm
SHA-256: ad802c0819759f51f06b69912fcc435db7eb08cc1c964e06ddb80e6abb8ba91e
dotnet-runtime-6.0-debuginfo-6.0.18-1.el8_8.aarch64.rpm
SHA-256: bba1357b399c75a061a63acfc5d6dd2b47c0b83be0aaea87389951ce350f539f
dotnet-sdk-6.0-6.0.118-1.el8_8.aarch64.rpm
SHA-256: dd09f60382ef4c3e38e5a42afb1bac106a2391a77fa690cb5025786985170e54
dotnet-sdk-6.0-debuginfo-6.0.118-1.el8_8.aarch64.rpm
SHA-256: 68c5550387a71bf61deec3215c8ddd8326568cb698de6faf05e91bcd02d26e4a
dotnet-targeting-pack-6.0-6.0.18-1.el8_8.aarch64.rpm
SHA-256: a2fed0be56b83aa0cb366106609a76375a6315c5dc1e7054c8227e1ef447b6c6
dotnet-templates-6.0-6.0.118-1.el8_8.aarch64.rpm
SHA-256: 75189a1e1e21dfeccd6a72b33032cab50db1abc4444afbcca17b079df9f2b2c2
dotnet6.0-debuginfo-6.0.118-1.el8_8.aarch64.rpm
SHA-256: 1c321266a67227dd427bc460d0b8ccb9c8c097e7327137d9852aa7335d76dfe7
dotnet6.0-debugsource-6.0.118-1.el8_8.aarch64.rpm
SHA-256: 05b85abd180f33fb1d58282bbefbf6562292686168374ee6d0de51a8b2c201b1
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8
SRPM
dotnet6.0-6.0.118-1.el8_8.src.rpm
SHA-256: 1347d72890f35b869ecd2d32430cfa42429ba78c8edc8ff677f2a0b0cdcbab84
x86_64
aspnetcore-runtime-6.0-6.0.18-1.el8_8.x86_64.rpm
SHA-256: 7ff49643223e7d6b5322efeefda257e25cf804ea10439c9933ac5abc284f9117
aspnetcore-targeting-pack-6.0-6.0.18-1.el8_8.x86_64.rpm
SHA-256: e512f73c0555ea7f2f9544090296601e001ee054a19588a6dd7b8de056fdd609
dotnet-apphost-pack-6.0-6.0.18-1.el8_8.x86_64.rpm
SHA-256: 83cc886a96cdaa6d53fef0622044be15b40b24335a7855478e8acc6e1150730c
dotnet-apphost-pack-6.0-debuginfo-6.0.18-1.el8_8.x86_64.rpm
SHA-256: 6fa1e6214ab531dbb2298ce15c4de0926d43f2574fef9002d7f365ec96c1ea5b
dotnet-hostfxr-6.0-6.0.18-1.el8_8.x86_64.rpm
SHA-256: 6874f9175e2e44822c4e81d83d3e774a32e6b587567a29b944db1210e214f855
dotnet-hostfxr-6.0-debuginfo-6.0.18-1.el8_8.x86_64.rpm
SHA-256: a63df6be37813edbc9bf85f949f30c5a8143813f9abf08a4ec3b03c39d0b93fd
dotnet-runtime-6.0-6.0.18-1.el8_8.x86_64.rpm
SHA-256: 5be6dcc5dbd619b5ec07d8e569be4209b562a179088dab2212aafbb334cf84df
dotnet-runtime-6.0-debuginfo-6.0.18-1.el8_8.x86_64.rpm
SHA-256: faf181f0b5fe5239eb6672f512424e1293d60d03cce945bfebada9a7ae40ec63
dotnet-sdk-6.0-6.0.118-1.el8_8.x86_64.rpm
SHA-256: a2c6284f35f48e5b79daf2d6c03d6b5f6e5c3a0eaa55d9c49424af034641c32f
dotnet-sdk-6.0-debuginfo-6.0.118-1.el8_8.x86_64.rpm
SHA-256: a8601d58e598702b3538c50a95b55e6f23ae078b7c64717640575f91686bbecc
dotnet-targeting-pack-6.0-6.0.18-1.el8_8.x86_64.rpm
SHA-256: a3b59f3d82234568e1ed62a8aca94aa32cf2c4c63a655391b5ca5adfe6aa22c9
dotnet-templates-6.0-6.0.118-1.el8_8.x86_64.rpm
SHA-256: 5350373e433d2225ceb57748817705071b8bcac5255c27365de41ba0502140c3
dotnet6.0-debuginfo-6.0.118-1.el8_8.x86_64.rpm
SHA-256: 9a07aa5a5e6cf3dbc9d402fd406cfd2ee1d8c295ae3db122f1d39f395a615efc
dotnet6.0-debugsource-6.0.118-1.el8_8.x86_64.rpm
SHA-256: 64b01ce416c77388286c9f33821f4639fd8ef5d7aeeac1a0da67b1d474119e8b
Red Hat CodeReady Linux Builder for ARM 64 8
SRPM
aarch64
dotnet-apphost-pack-6.0-debuginfo-6.0.18-1.el8_8.aarch64.rpm
SHA-256: b05dae3f215ef2e76885db2107171812620c165e248635ce0f88af6c550b89f9
dotnet-hostfxr-6.0-debuginfo-6.0.18-1.el8_8.aarch64.rpm
SHA-256: 5ee1f33433d69c7803c36a99b8d599703fb0966a61ee7805e7e3074b1ccbb7df
dotnet-runtime-6.0-debuginfo-6.0.18-1.el8_8.aarch64.rpm
SHA-256: bba1357b399c75a061a63acfc5d6dd2b47c0b83be0aaea87389951ce350f539f
dotnet-sdk-6.0-debuginfo-6.0.118-1.el8_8.aarch64.rpm
SHA-256: 68c5550387a71bf61deec3215c8ddd8326568cb698de6faf05e91bcd02d26e4a
dotnet-sdk-6.0-source-built-artifacts-6.0.118-1.el8_8.aarch64.rpm
SHA-256: 2fda85ae79cd0dfe110ef00f78c7c0b0e070a2b81a6d160d471822ca039b5be3
dotnet6.0-debuginfo-6.0.118-1.el8_8.aarch64.rpm
SHA-256: 1c321266a67227dd427bc460d0b8ccb9c8c097e7327137d9852aa7335d76dfe7
dotnet6.0-debugsource-6.0.118-1.el8_8.aarch64.rpm
SHA-256: 05b85abd180f33fb1d58282bbefbf6562292686168374ee6d0de51a8b2c201b1
Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.8
SRPM
x86_64
dotnet-apphost-pack-6.0-debuginfo-6.0.18-1.el8_8.x86_64.rpm
SHA-256: 6fa1e6214ab531dbb2298ce15c4de0926d43f2574fef9002d7f365ec96c1ea5b
dotnet-hostfxr-6.0-debuginfo-6.0.18-1.el8_8.x86_64.rpm
SHA-256: a63df6be37813edbc9bf85f949f30c5a8143813f9abf08a4ec3b03c39d0b93fd
dotnet-runtime-6.0-debuginfo-6.0.18-1.el8_8.x86_64.rpm
SHA-256: faf181f0b5fe5239eb6672f512424e1293d60d03cce945bfebada9a7ae40ec63
dotnet-sdk-6.0-debuginfo-6.0.118-1.el8_8.x86_64.rpm
SHA-256: a8601d58e598702b3538c50a95b55e6f23ae078b7c64717640575f91686bbecc
dotnet-sdk-6.0-source-built-artifacts-6.0.118-1.el8_8.x86_64.rpm
SHA-256: 244ff76fa3d2fbe69e6ea81c7f1d13d83752cc951bbd4b90d2fbba54774e8966
dotnet6.0-debuginfo-6.0.118-1.el8_8.x86_64.rpm
SHA-256: 9a07aa5a5e6cf3dbc9d402fd406cfd2ee1d8c295ae3db122f1d39f395a615efc
dotnet6.0-debugsource-6.0.118-1.el8_8.x86_64.rpm
SHA-256: 64b01ce416c77388286c9f33821f4639fd8ef5d7aeeac1a0da67b1d474119e8b
Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.8
SRPM
s390x
dotnet-apphost-pack-6.0-debuginfo-6.0.18-1.el8_8.s390x.rpm
SHA-256: a8c299d355247eaaeb4e763970a29dc6ef59054ef0439133720c37dc63bb0f76
dotnet-hostfxr-6.0-debuginfo-6.0.18-1.el8_8.s390x.rpm
SHA-256: 20ae055147f7a53e3977fbca8065911da5ad15d9fbdb7ab891e5bd7853c018e6
dotnet-runtime-6.0-debuginfo-6.0.18-1.el8_8.s390x.rpm
SHA-256: e488bf903b19bda0e08d1fb893ca350f7879327e31f2b90c9b5e401d8a4f3d20
dotnet-sdk-6.0-debuginfo-6.0.118-1.el8_8.s390x.rpm
SHA-256: 5404e3ba96fad3a9e412f3fbf8eb0ed67562ba5720d0d57734e350622aa04013
dotnet-sdk-6.0-source-built-artifacts-6.0.118-1.el8_8.s390x.rpm
SHA-256: bba82b0a034364cd0e3b452539af96d39c31c5335a9257a9eceb06c330f3650e
dotnet6.0-debuginfo-6.0.118-1.el8_8.s390x.rpm
SHA-256: 9c0e23d0c9a69bc82cc9aafc99c815e749857ca30aa7201fb29c44d07158aa12
dotnet6.0-debugsource-6.0.118-1.el8_8.s390x.rpm
SHA-256: a27670aad8d4e50365defa3828bc9f7b17202abdc43d7445b9e522c35c84c5a3
Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.8
SRPM
aarch64
dotnet-apphost-pack-6.0-debuginfo-6.0.18-1.el8_8.aarch64.rpm
SHA-256: b05dae3f215ef2e76885db2107171812620c165e248635ce0f88af6c550b89f9
dotnet-hostfxr-6.0-debuginfo-6.0.18-1.el8_8.aarch64.rpm
SHA-256: 5ee1f33433d69c7803c36a99b8d599703fb0966a61ee7805e7e3074b1ccbb7df
dotnet-runtime-6.0-debuginfo-6.0.18-1.el8_8.aarch64.rpm
SHA-256: bba1357b399c75a061a63acfc5d6dd2b47c0b83be0aaea87389951ce350f539f
dotnet-sdk-6.0-debuginfo-6.0.118-1.el8_8.aarch64.rpm
SHA-256: 68c5550387a71bf61deec3215c8ddd8326568cb698de6faf05e91bcd02d26e4a
dotnet-sdk-6.0-source-built-artifacts-6.0.118-1.el8_8.aarch64.rpm
SHA-256: 2fda85ae79cd0dfe110ef00f78c7c0b0e070a2b81a6d160d471822ca039b5be3
dotnet6.0-debuginfo-6.0.118-1.el8_8.aarch64.rpm
SHA-256: 1c321266a67227dd427bc460d0b8ccb9c8c097e7327137d9852aa7335d76dfe7
dotnet6.0-debugsource-6.0.118-1.el8_8.aarch64.rpm
SHA-256: 05b85abd180f33fb1d58282bbefbf6562292686168374ee6d0de51a8b2c201b1
Related news
Red Hat Security Advisory 2023-4449-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.120 and .NET Runtime 6.0.20. Issues addressed include code execution, denial of service, and heap corruption vulnerabilities.
Red Hat Security Advisory 2023-4448-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.120 and .NET Runtime 6.0.20. Issues addressed include code execution, denial of service, and heap corruption vulnerabilities.
An update for .NET 6.0 is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-29331: A vulnerability was found in dotnet. This issue can lead to a denial of service while processing X509 Certificates. * CVE-2023-29337: A vulnerability was found in dotnet. This issue exists in NuGet where a potential race condition can lead to a symlink attack. * CVE-2023-33128: A vulnerability was found in dotnet. This...
An update for .NET 6.0 is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-29331: A vulnerability was found in dotnet. This issue can lead to a denial of service while processing X509 Certificates. * CVE-2023-29337: A vulnerability was found in dotnet. This issue exists in NuGet where a potential race condition can lead to a symlink attack. * CVE-2023-33128: A vulnerability was found in dotnet. This...
Hello everyone! This episode will be about Microsoft Patch Tuesday for June 2023, including vulnerabilities that were added between May and June Patch Tuesdays. As usual, I use my open source Vulristics project to analyse and prioritize vulnerabilities. I took the comments about the vulnerabilities from the Qualys, Tenable, Rapid7, ZDI Patch Tuesday reviews. This time there […]
Ubuntu Security Notice 6161-2 - USN-6161-1 fixed vulnerabilities in .NET. The update introduced a regression with regards to how the runtime imported X.509 certificates. This update fixes the problem. It was discovered that .NET did not properly enforce certain restrictions when deserializing a DataSet or DataTable from XML. An attacker could possibly use this issue to elevate their privileges.
# Microsoft Security Advisory CVE-2023-33128: .NET Remote Code Execution Vulnerability ## <a name="executive-summary"></a>Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. A vulnerability exists in .NET source generator for P/Invokes that can lead to generated code freeing uninitialized memory and crashing. ## Announcement Announcement for this issue can be found at https://github.com/dotnet/announcements/issues/253 ### <a name="mitigation-factors"></a>Mitigation factors Microsoft has not identified any mitigating factors for this vulnerability. ## <a name="affected-software"></a>Affected software * Any .NET 7.0.1xx SDK 7.0.106 or earlier. * Any .NET 7.0.3xx SDK 7.0.303 or earlier. If your application uses the following package versions, ensure you update to the latest version of .NET....
# Microsoft Security Advisory CVE-2023-29331: .NET Denial of Service vulnerability ## <a name="executive-summary"></a>Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 6.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. A vulnerability exists in .NET when processing X.509 certificates that may result in Denial of Service. Details: [KB5025823 ](https://support.microsoft.com/kb/5025823) ## Announcement Announcement for this issue can be found at https://github.com/dotnet/announcements/issues/257 ### <a name="mitigation-factors"></a>Mitigation factors Microsoft has not identified any mitigating factors for this vulnerability. ## <a name="affected-software"></a>Affected software * Any .NET 7.0 application running on .NET 7.0.5 or earlier. * Any .NET 6.0 application running on .NET 6.0.16 or earlier. If your application uses ...
# Microsoft Security Advisory CVE-2023-24936: .NET Elevation of Privilege Vulnerability ## <a name="executive-summary"></a>Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 6.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. A vulnerability exists in .NET when deserializing a DataSet or DataTable from XML which may result in elevation of privileges. ## Announcement Announcement for this issue can be found at https://github.com/dotnet/announcements/issues/259 ### <a name="mitigation-factors"></a>Mitigation factors The default configuration of DataSet and DataTable is not susceptible to this vulnerability. This vulnerability only exists if the app developer or machine admin extends the DataSet and DataTable default allow-list [as specified here](https://learn.microsoft.com/en-us/dotnet/framework/data/adonet/dataset-datatable-da...
### Description Microsoft is releasing this security advisory to provide information about a vulnerability in .NET and NuGet on Linux. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. A vulnerability exists in .NET 6.0, .NET 7.0 and NuGet(nuget.exe, NuGet.Protocol, NuGet.Common, NuGet.CommandLine, NuGet.Commands, Microsoft.Build.NuGetSdkResolver, NuGet.PackageManagement) where a potential race condition that can lead to a symlink attack on Linux. Non-Linux platforms are not affected. ### Affected software This issue only affects Linux systems. #### NuGet & NuGet Packages - Any NuGet.exe, NuGet.Protocol, NuGet.Common, NuGet.CommandLine, NuGet.Commands, Microsoft.Build.NuGetSdkResolver, NuGet.PackageManagement 6.6.0 version or earlier. - Any NuGet.exe, NuGet.Protocol, NuGet.Common, NuGet.CommandLine, NuGet.Commands, Microsoft.Build.NuGetSdkResolver, NuGet.PackageManagement 6.5.0 version or earlier. - Any NuGet.e...
.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability
.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability
An update for .NET 6.0 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24936: No description is available for this CVE. * CVE-2023-29331: No description is available for this CVE. * CVE-2023-29337: No description is available for this CVE. * CVE-2023-33128: .NET and Visual Studio Remote Code Execution Vulnerability
An update for .NET 6.0 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24936: No description is available for this CVE. * CVE-2023-29331: No description is available for this CVE. * CVE-2023-29337: No description is available for this CVE. * CVE-2023-33128: .NET and Visual Studio Remote Code Execution Vulnerability
An update for .NET 6.0 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24936: No description is available for this CVE. * CVE-2023-29331: No description is available for this CVE. * CVE-2023-29337: No description is available for this CVE. * CVE-2023-33128: .NET and Visual Studio Remote Code Execution Vulnerability
An update for .NET 6.0 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24936: No description is available for this CVE. * CVE-2023-29331: No description is available for this CVE. * CVE-2023-29337: No description is available for this CVE. * CVE-2023-33128: .NET and Visual Studio Remote Code Execution Vulnerability
Ubuntu Security Notice 6161-1 - It was discovered that .NET did not properly enforce certain restrictions when deserializing a DataSet or DataTable from XML. An attacker could possibly use this issue to elevate their privileges. Kevin Jones discovered that .NET did not properly handle the AIA fetching process for X.509 client certificates. An attacker could possibly use this issue to cause a denial of service.
Ubuntu Security Notice 6161-1 - It was discovered that .NET did not properly enforce certain restrictions when deserializing a DataSet or DataTable from XML. An attacker could possibly use this issue to elevate their privileges. Kevin Jones discovered that .NET did not properly handle the AIA fetching process for X.509 client certificates. An attacker could possibly use this issue to cause a denial of service.
Ubuntu Security Notice 6161-1 - It was discovered that .NET did not properly enforce certain restrictions when deserializing a DataSet or DataTable from XML. An attacker could possibly use this issue to elevate their privileges. Kevin Jones discovered that .NET did not properly handle the AIA fetching process for X.509 client certificates. An attacker could possibly use this issue to cause a denial of service.
Ubuntu Security Notice 6161-1 - It was discovered that .NET did not properly enforce certain restrictions when deserializing a DataSet or DataTable from XML. An attacker could possibly use this issue to elevate their privileges. Kevin Jones discovered that .NET did not properly handle the AIA fetching process for X.509 client certificates. An attacker could possibly use this issue to cause a denial of service.
.NET and Visual Studio Remote Code Execution Vulnerability