Ubuntu Security Notice 6161-2 - USN-6161-1 fixed vulnerabilities in .NET. The update introduced a regression with regards to how the runtime imported X.509 certificates. This update fixes the problem. It was discovered that .NET did not properly enforce certain restrictions when deserializing a DataSet or DataTable from XML. An attacker could possibly use this issue to elevate their privileges.
67ee7be668513048889aa6b43f011d07bf3cb753ec723bc38e4592358e37c481Red Hat Security Advisory 2023-3593-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.107 and .NET Runtime 7.0.7. Issues addressed include bypass, code execution, denial of service, and heap corruption vulnerabilities.
5b3a1cc3c89649f1f2474996a0c41a8cf16a81cd1ca0e72c72adc4bdca520389Red Hat Security Advisory 2023-3592-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.107 and .NET Runtime 7.0.7. Issues addressed include bypass, code execution, denial of service, and heap corruption vulnerabilities.
136dd455aaf839c489ebd22d0921ec9b0c5132cb40b000142ae0239abb4c4d03Red Hat Security Advisory 2023-3582-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.118 and .NET Runtime 6.0.18. Issues addressed include bypass, code execution, denial of service, and heap corruption vulnerabilities.
37d3d1e5b38b790a7b9269b4dc7ca776d892390d71cac082dd03dc2bf9c2fb41Red Hat Security Advisory 2023-3580-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.118 and .NET Runtime 6.0.18. Issues addressed include bypass, code execution, denial of service, and heap corruption vulnerabilities.
44b629254adf697bb98ddb9d95e91d34e75d01f22dd82ed51215a9c9136e4aedRed Hat Security Advisory 2023-3581-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.118 and .NET Runtime 6.0.18. Issues addressed include bypass, code execution, denial of service, and heap corruption vulnerabilities.
503fff00de82bd0c4f9801b929e13673c852a7a3091c99b4e62fcf3fcd582765Ubuntu Security Notice 6161-1 - It was discovered that .NET did not properly enforce certain restrictions when deserializing a DataSet or DataTable from XML. An attacker could possibly use this issue to elevate their privileges. Kevin Jones discovered that .NET did not properly handle the AIA fetching process for X.509 client certificates. An attacker could possibly use this issue to cause a denial of service.
d9a88210f8d5a28da35d8d47eaac79e52239e45f7bc38b4cca8e4ed63b990813
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed