Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

Ubuntu 24.04 & 22.04: USN-6959-1 Critical Dotnet8 Information Disclosure

ubuntu
Calendar Grey August 13, 2024
Dist Ubuntu Esm H88
Ubuntu Security Announcement USN-6959-1 resolves a critical vulnerability in dotnet8 that could lead to unintentional exposure of sensitive data.
dotnet8 could be made to disclose sensitive information.

Summary

dotnet8 could be made to disclose sensitive information.

Software Description:

- dotnet8: .NET CLI tools and runtime

Details:

It was discovered that .NET suffered from an information disclosure

vulnerability. An attacker could potentially use this issue to

read targeted email messages.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 24.04 LTS
   aspnetcore-runtime-8.0          8.0.8-0ubuntu1~24.04.1
   dotnet-host-8.0                 8.0.8-0ubuntu1~24.04.1
   dotnet-hostfxr-8.0              8.0.8-0ubuntu1~24.04.1
   dotnet-runtime-8.0              8.0.8-0ubuntu1~24.04.1
   dotnet-sdk-8.0                  8.0.108-0ubuntu1~24.04.1
   dotnet8                         8.0.108-8.0.8-0ubuntu1~24.04.1

Ubuntu 22.04 LTS
   aspnetcore-runtime-8.0          8.0.8-0ubuntu1~22.04.1
   dotnet-host-8.0                 8.0.8-0ubuntu1~22.04.1
   dotnet-hostfxr-8.0              8.0.8-0ubuntu1~22.04.1
   dotnet-runtime-8.0              8.0.8-0ubuntu1~22.04.1
   dotnet-sdk-8.0                  8.0.108-0ubuntu1~22.04.1
   dotnet8                         8.0.108-8.0.8-0ubuntu1~22.04.1

In general, a standard system update will make all the necessary changes.

References

  https://ubuntu.com/security/notices/USN-6959-1

  CVE-2024-38167

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-6959-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here