Oracle Linux: CVE-2024-38095: ELSA-2024-4439: dotnet6.0 security update (MODERATE) (Multiple Advisories)

Oracle Linux: CVE-2024-38095: ELSA-2024-4439:dotnet6.0 security update (MODERATE) (Multiple Advisories)

Severity

5

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:P)

Published

07/09/2024

Created

07/12/2024

Added

07/10/2024

Modified

01/07/2025

Description

.NET and Visual Studio Denial of Service Vulnerability A vulnerability was found in dotNET when Parsing X.509 Content and ObjectIdentifiers. This issue can lead to a denial of service attack.

Solution(s)

• oracle-linux-upgrade-aspnetcore-runtime-6-0
• oracle-linux-upgrade-aspnetcore-runtime-8-0
• oracle-linux-upgrade-aspnetcore-runtime-dbg-8-0
• oracle-linux-upgrade-aspnetcore-targeting-pack-6-0
• oracle-linux-upgrade-aspnetcore-targeting-pack-8-0
• oracle-linux-upgrade-dotnet
• oracle-linux-upgrade-dotnet-apphost-pack-6-0
• oracle-linux-upgrade-dotnet-apphost-pack-8-0
• oracle-linux-upgrade-dotnet-host
• oracle-linux-upgrade-dotnet-hostfxr-6-0
• oracle-linux-upgrade-dotnet-hostfxr-8-0
• oracle-linux-upgrade-dotnet-runtime-6-0
• oracle-linux-upgrade-dotnet-runtime-8-0
• oracle-linux-upgrade-dotnet-runtime-dbg-8-0
• oracle-linux-upgrade-dotnet-sdk-6-0
• oracle-linux-upgrade-dotnet-sdk-6-0-source-built-artifacts
• oracle-linux-upgrade-dotnet-sdk-8-0
• oracle-linux-upgrade-dotnet-sdk-8-0-source-built-artifacts
• oracle-linux-upgrade-dotnet-sdk-dbg-8-0
• oracle-linux-upgrade-dotnet-targeting-pack-6-0
• oracle-linux-upgrade-dotnet-targeting-pack-8-0
• oracle-linux-upgrade-dotnet-templates-6-0
• oracle-linux-upgrade-dotnet-templates-8-0
• oracle-linux-upgrade-netstandard-targeting-pack-2-1

References

• https://attackerkb.com/topics/cve-2024-38095
• CVE - 2024-38095
• ELSA-2024-4439
• ELSA-2024-4438
• ELSA-2024-4450
• ELSA-2024-4451