Red Hat Enterprise Linux 8.6 Extended Update Support update for .NET 6.0

Aug 3, 2023 12:00 pm Cyber Security 89
Published: 2023-08-03

Security Bulletin


This security bulletin contains information about 4 vulnerabilities.


EUVDB-ID: #VU77235


Risk: Medium


CVSSv3.1:


CVE-ID: CVE-2023-29331


CWE-ID: CWE-20 - Improper input validation


Exploit availability: No


Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.


The vulnerability exists due to insufficient validation of user-supplied input in .NET, .NET Framework, and Visual Studio. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.


Mitigation

Install updates from vendor's website.


Vulnerable software versions

Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support: 8.6 - 8.6


Red Hat Enterprise Linux for ARM 64 - Extended Update Support: 8.6 - 8.6


Red Hat Enterprise Linux Server - TUS: 8.6 - 8.6


Red Hat Enterprise Linux for IBM z Systems - Extended Update Support: 8.6 - 8.6


Red Hat Enterprise Linux Server - AUS: 8.6 - 8.6


Red Hat Enterprise Linux for x86_64 - Extended Update Support: 8.6 - 8.6


dotnet6.0 (Red Hat package): before 6.0.120-1.el8_6


CPE2.3
External links

http://access.redhat.com/errata/RHSA-2023:4448


Q & A


Can this vulnerability be exploited remotely?


Is there known malware, which exploits this vulnerability?



EUVDB-ID: #VU77278


Risk: Medium


CVSSv3.1:


CVE-ID: CVE-2023-29337


CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Support the originator by clicking the read the rest link below.

enterprise linux extended update support update
Read The Rest from the original source
cybersecurity-help.cz

Related News

Be in Touch

All Rights Reserved #1 Source for Cyber Security News, Reports and Threat Intelligence
Powered By The Internet!!!!