Описание
A flaw was found in .NET. An unauthorized attacker can exploit an out-of-bounds read vulnerability over a network, leading to a Denial of Service (DoS). This can prevent legitimate users from accessing the affected service.
Меры по смягчению последствий
To mitigate this issue, restrict network access to applications utilizing affected .NET components to only trusted clients or networks using firewall rules. This will limit the exposure of the vulnerable service to potential attackers. After applying firewall rules, ensure to reload or restart the network service for changes to take effect.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 10 | dotnet8.0 | Not affected | ||
| Red Hat Enterprise Linux 8 | dotnet8.0 | Not affected | ||
| Red Hat Enterprise Linux 9 | dotnet6.0 | Not affected | ||
| Red Hat Enterprise Linux 9 | dotnet7.0 | Not affected | ||
| Red Hat Enterprise Linux 9 | dotnet8.0 | Not affected | ||
| Red Hat Enterprise Linux 10 | dotnet9.0 | Fixed | RHSA-2026:4450 | 12.03.2026 |
| Red Hat Enterprise Linux 10 | dotnet10.0 | Fixed | RHSA-2026:4453 | 12.03.2026 |
| Red Hat Enterprise Linux 8 | dotnet9.0 | Fixed | RHSA-2026:4443 | 12.03.2026 |
| Red Hat Enterprise Linux 8 | dotnet10.0 | Fixed | RHSA-2026:4458 | 12.03.2026 |
| Red Hat Enterprise Linux 9 | dotnet10.0 | Fixed | RHSA-2026:4445 | 12.03.2026 |
Показывать по
Дополнительная информация
Статус:
7.5 High
CVSS3
Связанные уязвимости
Out-of-bounds read in .NET allows an unauthorized attacker to deny service over a network.
Out-of-bounds read in .NET allows an unauthorized attacker to deny service over a network.
Уязвимость программной платформы .NET, связанная с чтением за пределами допустимого диапазона в памяти, позволяющая нарушителю вызвать отказ в обслуживании
7.5 High
CVSS3