ArchLinux: 202106-37: aspnet-runtime: denial of service | LinuxSecu...

Advisories

Arch Linux Security Advisory ASA-202106-37
==========================================

Severity: Medium
Date    : 2021-06-15
CVE-ID  : CVE-2021-31957
Package : aspnet-runtime
Type    : denial of service
Remote  : Yes
Link    : https://security.archlinux.org/AVG-2046

Summary
=======

The package aspnet-runtime before version 5.0.7.sdk204-1 is vulnerable
to denial of service.

Resolution
==========

Upgrade to 5.0.7.sdk204-1.

# pacman -Syu "aspnet-runtime>=5.0.7.sdk204-1"

The problem has been fixed upstream in version 5.0.7.sdk204.

Workaround
==========

None.

Description
===========

A denial of service vulnerability exists in .NET 5.0 before Runtime
5.0.7 and SDK 5.0.204 as well as .NET Core 3.1 before Runtime 3.1.16
and SDK 3.1.116 in ASP.NET.

Impact
======

A remote attacker could crash an ASP.NET application.

References
==========

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-31957
https://github.com/dotnet/announcements/issues/189
https://security.archlinux.org/CVE-2021-31957

ArchLinux: 202106-37: aspnet-runtime: denial of service

June 17, 2021
The package aspnet-runtime before version 5.0.7.sdk204-1 is vulnerable to denial of service

Summary

A denial of service vulnerability exists in .NET 5.0 before Runtime 5.0.7 and SDK 5.0.204 as well as .NET Core 3.1 before Runtime 3.1.16 and SDK 3.1.116 in ASP.NET.

Resolution

Upgrade to 5.0.7.sdk204-1.
# pacman -Syu "aspnet-runtime>=5.0.7.sdk204-1"
The problem has been fixed upstream in version 5.0.7.sdk204.

References

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-31957 https://github.com/dotnet/announcements/issues/189 https://security.archlinux.org/CVE-2021-31957

Severity
CVE-ID : CVE-2021-31957
Package : aspnet-runtime
Type : denial of service
Remote : Yes
Link : https://security.archlinux.org/AVG-2046

Impact

A remote attacker could crash an ASP.NET application.

Workaround

None.

Related News

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.