Security: Multiple issues in .NET
Name: Multiple issues in .NET
ID: USN-7210-1
Distribution: Ubuntu
Platforms: Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, Ubuntu 24.10
Date: Thu, 16 January 2025, 22:29
References: https://www.cve.org/CVERecord?id=CVE-2025-21173
https://www.cve.org/CVERecord?id=CVE-2025-21172
https://www.cve.org/CVERecord?id=CVE-2025-21176
https://www.cve.org/CVERecord?id=CVE-2025-21171
https://launchpad.net/ubuntu/+source/dotnet9/9.0.102-9.0.1-0ubuntu1~24.10.1
https://launchpad.net/ubuntu/+source/dotnet8/8.0.112-8.0.12-0ubuntu1~24.10.1
https://launchpad.net/ubuntu/+source/dotnet8/8.0.112-8.0.12-0ubuntu1~24.04.1
https://launchpad.net/ubuntu/+source/dotnet8/8.0.112-8.0.12-0ubuntu1~22.04.1
Applications: .NET

Original message

From: Ian Constantin <ian.constantin@canonical.com>
Reply-To: Ubuntu Security <security@ubuntu.com>
To: ubuntu-security-announce@lists.ubuntu.com
Message-ID: <05bd072a-bbf4-48e6-a595-018c10d4683d@canonical.com>
Subject: [USN-7210-1] .NET vulnerabilities

==========================================================================
Ubuntu Security Notice USN-7210-1
January 16, 2025

dotnet8, dotnet9 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 24.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS

Summary:

Several security issues were fixed in .NET.

Software Description:
- dotnet8: .NET CLI tools and runtime
- dotnet9: .NET CLI tools and runtime

Details:

It was discovered that .NET did not properly handle input provided to its
Convert.TryToHexString method. An attacker could possibly use this issue
to execute arbitrary code. (CVE-2025-21171)

It was discovered that .NET did not properly handle an integer overflow
when processing certain specially crafted files. An attacker could
possibly use this issue to execute arbitrary code. (CVE-2025-21172)

Daniel Plaisted and Noah Gilson discovered that .NET insecurely handled
temporary file usage which could result in malicious package dependency
injection. An attacker could possibly use this issue to elevate privileges.
(CVE-2025-21173)

It was discovered that .NET did not properly perform input data validation
when processing certain specially crafted files. An attacker could
possibly use this issue to execute arbitrary code. (CVE-2025-21176)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 24.10
  aspnetcore-runtime-8.0          8.0.12-0ubuntu1~24.10.1
  aspnetcore-runtime-9.0          9.0.1-0ubuntu1~24.10.1
  dotnet-host-8.0                 8.0.12-0ubuntu1~24.10.1
  dotnet-host-9.0                 9.0.1-0ubuntu1~24.10.1
  dotnet-hostfxr-8.0              8.0.12-0ubuntu1~24.10.1
  dotnet-hostfxr-9.0              9.0.1-0ubuntu1~24.10.1
  dotnet-runtime-8.0              8.0.12-0ubuntu1~24.10.1
  dotnet-runtime-9.0              9.0.1-0ubuntu1~24.10.1
  dotnet-sdk-8.0                  8.0.112-0ubuntu1~24.10.1
  dotnet-sdk-9.0                  9.0.102-0ubuntu1~24.10.1
  dotnet8                         8.0.112-8.0.12-0ubuntu1~24.10.1
  dotnet9                         9.0.102-9.0.1-0ubuntu1~24.10.1

Ubuntu 24.04 LTS
  aspnetcore-runtime-8.0          8.0.12-0ubuntu1~24.04.1
  dotnet-host-8.0                 8.0.12-0ubuntu1~24.04.1
  dotnet-hostfxr-8.0              8.0.12-0ubuntu1~24.04.1
  dotnet-runtime-8.0              8.0.12-0ubuntu1~24.04.1
  dotnet-sdk-8.0                  8.0.112-0ubuntu1~24.04.1
  dotnet8                         8.0.112-8.0.12-0ubuntu1~24.04.1

Ubuntu 22.04 LTS
  aspnetcore-runtime-8.0          8.0.12-0ubuntu1~22.04.1
  dotnet-host-8.0                 8.0.12-0ubuntu1~22.04.1
  dotnet-hostfxr-8.0              8.0.12-0ubuntu1~22.04.1
  dotnet-runtime-8.0              8.0.12-0ubuntu1~22.04.1
  dotnet-sdk-8.0                  8.0.112-0ubuntu1~22.04.1
  dotnet8                         8.0.112-8.0.12-0ubuntu1~22.04.1

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-7210-1
  CVE-2025-21171, CVE-2025-21172, CVE-2025-21173, CVE-2025-21176

Package Information:
https://launchpad.net/ubuntu/+source/dotnet8/8.0.112-8.0.12-0ubuntu1~24.10.1
https://launchpad.net/ubuntu/+source/dotnet9/9.0.102-9.0.1-0ubuntu1~24.10.1
https://launchpad.net/ubuntu/+source/dotnet8/8.0.112-8.0.12-0ubuntu1~24.04.1
https://launchpad.net/ubuntu/+source/dotnet8/8.0.112-8.0.12-0ubuntu1~22.04.1
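
An added example, not part of the Ubuntu notice: a Python check of an installed-package listing against the fixed versions listed under "Update instructions", using a small reimplementation of dpkg's version ordering (a plain string comparison would rank 8.0.8 above 8.0.12). Only the Ubuntu 24.04 LTS block is embedded; the dpkg-query sample and the function names are constructed for illustration.

```python
import re

# Fixed versions copied from the advisory's table (Ubuntu 24.04 LTS block only).
FIXED_TABLE = """\
Ubuntu 24.04 LTS
  aspnetcore-runtime-8.0          8.0.12-0ubuntu1~24.04.1
  dotnet-host-8.0                 8.0.12-0ubuntu1~24.04.1
  dotnet-hostfxr-8.0              8.0.12-0ubuntu1~24.04.1
  dotnet-runtime-8.0              8.0.12-0ubuntu1~24.04.1
  dotnet-sdk-8.0                  8.0.112-0ubuntu1~24.04.1
  dotnet8                         8.0.112-8.0.12-0ubuntu1~24.04.1
"""

# Constructed sample of `dpkg-query -W -f '${Package} ${Version}\n'` output.
SAMPLE_INSTALLED = """\
dotnet-host-8.0 8.0.8-0ubuntu1~24.04.1
dotnet-runtime-8.0 8.0.12-0ubuntu1~24.04.1
curl 8.5.0-2ubuntu10.6
"""

def _order(c):  # dpkg ordering: '~' < end of run < letters < other characters
    return -1 if c == "~" else 0 if c == "" else ord(c) if c.isalpha() else ord(c) + 256

def _cmp_part(a, b):
    while a or b:
        na, nb = re.match(r"\D*", a).group(), re.match(r"\D*", b).group()
        a, b = a[len(na):], b[len(nb):]
        for i in range(max(len(na), len(nb))):  # non-digit run, char by char
            d = _order(na[i:i + 1]) - _order(nb[i:i + 1])
            if d:
                return d
        da, db = re.match(r"\d*", a).group(), re.match(r"\d*", b).group()
        a, b = a[len(da):], b[len(db):]
        if int(da or 0) != int(db or 0):  # digit run, compared numerically
            return int(da or 0) - int(db or 0)
    return 0

def _split(v):  # [epoch:]upstream[-revision]
    epoch, rest = v.split(":", 1) if ":" in v else ("0", v)
    up, sep, rev = rest.rpartition("-")
    return (int(epoch), up, rev) if sep else (int(epoch), rest, "")

def deb_cmp(v1, v2):  # negative, zero or positive
    (e1, u1, r1), (e2, u2, r2) = _split(v1), _split(v2)
    return (e1 - e2) or _cmp_part(u1, u2) or _cmp_part(r1, r2)

def outdated(installed, table=FIXED_TABLE):  # -> [(package, installed, fixed)]
    fixed = dict(l.split() for l in table.splitlines() if l.startswith(" "))
    return [(r[0], r[1], fixed[r[0]]) for r in map(str.split, installed.splitlines())
            if len(r) == 2 and r[0] in fixed and deb_cmp(r[1], fixed[r[0]]) < 0]
```

An empty list from `outdated()` means every listed package found on the host is at or above the fixed version for that release.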
